Insider security risks exposed
RSA 2008: Beware 'Curious Cat' and 'Malicious Malfoy'…
Employees are still one of the biggest threats to corporate IT security both through malicious and accidental actions.
Vipin Samar, VP of database security at Oracle, said: "You see a whole range of people through which your security is being compromised - not just hackers."
Security from A to Z
Click on the links below to find out more...
A is for Antivirus
B is for Botnets
C is for CMA
D is for DDoS
E is for Extradition
F is for Federated identity
G is for Google
H is for Hackers
I is for IM
J is for Jaschan (Sven)
K is for Kids
L is for Love Bug
M is for Microsoft
N is for Neologisms
O is for Orange
P is for Passwords
Q is for Questions
R is for Rootkits
S is for Spyware
T is for Two-factor authentication
U is for USB sticks/devices
V is for Virus variants
W is for Wi-fi
X is for OS X
Y is for You
Z is for Zero-day
Samar labelled the cast of security risk employees as Curious Cat, Complacent Connie, Forgetful Floyd, Rushing Rupa, Insider Ian and Malicious Malfoy - named after no-good Harry Potter character, Draco Malfoy.
Curious Cat, although not malicious, will look at data they shouldn't be looking at, making it vulnerable to more dubious characters.
Meanwhile, Complacent Connie assumes that as nothing has happened as a result of their activity previously, nothing will happen if they do it again.
Samar said both need to be educated about why policies are followed, as well as given limited access. In addition, methods such as masking data - so only people with privileged access can view accurate data - could be used.
Forgetful Floyd is someone who is likely to leave a laptop lying around or forget to follow guidelines - again awareness of the importance of policies is key to dealing with this group.
Rushing Rupa is someone under pressure to finish a task to deadline - writing code for example - meaning they may miss out critical elements which could compromise security.
Samar said the use of code-scanning technology to detect problems and the separation of approval roles so code is checked a number of times could iron out these vulnerabilities.
Insider Ian on the other hand has more intent to cause problems, possibly inspired by greed or revenge. Samar said: "He knows all the ways to break in. He knows where the data is."
Internal security measures such as multi-factor authentication and identification management could be used to limit Ian's activity.
Malicious Malfoy is the external hacker who exploits security vulnerabilities to steal information and disrupt corporate networks. "They know what they want and how to get it," said Samar.
Ways to combat Malfoy are countless, but include good patch management, efficient use of firewalls and having secure platforms, tools and processes, Samar said.