eBook
Detect.
Harnessing the intelligence of AI, Conceal identifies emerging threats in real-time, ensuring you’re always a step ahead.
When legitimate credentials of employees, contractors, business associates or others are maliciously or intentionally abused, extreme harm can be caused to the target organization. Detection and response capabilities are less likely to pick up on the malicious activity of a legitimate user in the moment. This reality makes the exfiltration of confidential data such as personal identifiable information of employees or customers or financial information related to the organization extremely hard to catch in the act.
Examples
Chelsea Manning
In 2010, an Army intelligence specialist, Private First-Class Chelsea Manning, copied over 750,000 pages of military reports and videos that even she was not authorized to see, let alone take. This sensitive content included military documents, diplomatic cables, and other classified information. The classified databases that this information was a part of shed light on violations of the U.S. Military’s Rules of Engagement and unreported civilian deaths by the military while in Baghdad. Chelsea leaked the information in an attempt to call out these wrongdoings.
Edward Snowden
As a government contractor employed through Booze Allen, Edward Snowden has gone down in history as one of the most famous malicious insiders to infiltrate the United States government. As a government contractor, Snowden gained access to NSA’s surveillance programs, programs that were not necessary for him to complete his work. Access and disclosure of these global surveillance programs put both the United States’ national security and the individual privacy of persons that were a part of the surveillance program at risk.
Protect Against Insider Threats
Minimizing the risk of insider threats starts with a solid security foundation. Oftentimes, insider threats are employees without malicious intent, unlike the examples above. For these cases, minimizing likelihood of insider threat is simpler, beginning with a robust security awareness and training program for all employees. For malicious insiders, minimizing likelihood is still possible but more difficult. For these cases, it is imperative for the organization to ensure employees only have privileged access when necessary. Minimizing access to systems, files, accounts, etc. that are not necessary for employees to complete their jobs will minimize the probability of sensitive data being leaked. Performing an enterprise-wide risk assessment will help with this as it will identify where your critical assets are and ensure that only the right employees have access to them. Additionally, it is imperative that organizations clearly document and consistently enforce policies and controls. This approach will address third party access, user monitoring and other important components of your IT environment to minimize the success a malicious insider may have in capturing confidential information out of your systems for them to leak.
Conceal’s Solution to Malicious Insiders
Through the investment of Conceal, a malicious insider’s ability to cause harm or havoc originating from the web is remediated. Through the combination of ConcealBrowse, ConcealSearch, and ConcealCloud, it is near impossible for a user to download malicious content or perform corruption via the internet. Specifically, ConcealCloud can be leveraged to keep people from accessing applications hosted in ConcealCloud. Without access to the sensitive data, malicious insiders are unable to cause harm to the organization.
