4 Ways to Defend Against Internal Attacks
•Download as PPTX, PDF•
0 likes•153 views
4 Ways to Defend Against Internal Attacks
Recommended
More Related Content
What's hot
What's hot (19)
Similar to 4 Ways to Defend Against Internal Attacks
Similar to 4 Ways to Defend Against Internal Attacks (20)
Recently uploaded
Recently uploaded (20)
4 Ways to Defend Against Internal Attacks
- 1. 4 Ways to Defend Against Internal Attacks
- 2. 2 Defend Within GlobalAccountant.com posted that 1/3 of British accountants breach their company IT policies. Over 40% knew about the policy and yet ignored it. If 1/3 of your staff is breaching your IT policy, what can you do to defend within?
- 3. 3 1. Role Based Access Challenge: You have hundreds, even thousands of users in your system. How can you provision everyone with the correct access in a timely fashion? Answer: Role Based Access where you are given permission based on your role in the company but can still request access to other programs.
- 4. 4 What is Role Based Access? This is Joe, a new developer starting today. When Joe goes to request access how does he know which of the company’s applications to choose? ???
- 5. 5 What is Role Based Access? With Role Based Access, Joe will be led to the most relevant applications for his role taking the guess work out and preventing requests for excessive access or for programs they don’t need.
- 6. 6 Why Role Based Access? Approver saves time by only approving requests outside of the users role. This limits the rubber stamping effect and gives better visibility into what is being approved. User saves time by having his applications suggested for him rather than having to guess what he needs and possibly request access to critical systems he doesn’t. Company saves time and money with tighter security and fewer user accounts with privileged access.
- 7. 7 2. Access Management What three roles does every organization have in common? 1. Joiners 2. Movers 3. Leavers
- 8. 8 Access Management Joiners and Movers need to have access granted as soon as possible to enable them to do their jobs. Leavers pose the largest threat to your system and need to have access shut off immediately. “1 in 5 employees still have access to internal systems at their previous jobs” – SCMagazine.com
- 9. 9 3. Segregation of Duties Who wouldn’t love to set and approve their own budget? What about submit and approve your own purchase order?
- 10. 10 Segregation of Duties In order to uphold checks and balances you need segregation of duties. This will set permissions for your team and put up barriers to critical risks.
- 11. 11 4. Real-Time Monitoring Auditing is everyone’s least favorite time of the year. However, if you only audit once a year then you only see into your system once a year. What happens the other 11 months?
- 12. 12 Real-Time Monitoring Question: If you had 4 new accounts come online in one week, all with privileged access, would you notice?
- 13. 13 Real-Time Monitoring With real-time monitoring capabilities in an intelligent IAM system your system is continuously monitored and you are alerted when things look wrong.
- 14. 14 5. Build a Security Aware Culture I know, I said 4 ways so this one is free. By building a culture that is aware of the risks to themselves and the company, you expand your security team exponentially. When your organization buys in to your security strategy they become more aware of risks, take more precautions against them and become a new line of defense against attacks.
- 15. 15 Are You Ready to Defend Within? Are you currently monitoring these 4 breach risks? Have you experienced one of these breaches? Do you know what risks are currently in your system? Let Courion help. With a Quick Scan of your systems, we can show you where your critical risks lie and how to secure them. Get My Quick Scan>>