Have any question?

Blog

MSPNetworks Blog

MSPNetworks has been serving the Farmingdale area since 2010, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Not All Threats are External

As much as a business relies on its technology, it relies just as much upon its employees to properly put that technology to use. Unfortunately, this can very easily expose the business to various threats that involve their employees. Understanding these insider threats is crucial for a business, especially given how current events may tempt those who would never have considered them otherwise.


Let’s review what constitutes an insider threat, and why they are now a bigger potential problem than ever.

What is an Insider Threat?

An insider threat is precisely what the term implies: a threat to your business that is sourced from one of your in-the-know employees. While this makes it sound as though we are referring to an embezzler or corporate spy (which can be the case), it also applies to any employees whose actions inadvertently compromise your business’ data, security, and other property. So, when you are working to prevent insider threats, you need to focus on a variety of fronts.

There are many reasons that these kinds of threats can arise, especially with the current issues that businesses everywhere are struggling with.

Technical Shifts

Given the fact that a pandemic has closed many workplaces, a huge amount of businesses of every size have needed to adjust drastically to sustain their operations however they can. For many, this meant rotating to a virtualized environment for remote work.

Of course, putting it this way makes it sound far easier than it is. Not only have many organizations suddenly been tasked with adopting an entirely new means of accomplishing their goals, many of these changes require adjustments to enable remote work at all. When all of this is considered, there is generally some trade-off between capability and security.

Emotional Distress

There is no denying that the last few months have been a challenging time for everyone. Stresses have been high, and without the recreational activities that many would normally turn to as a means of relieving some of this stress, many people will consider actions that they otherwise wouldn’t. With rising anxiety comes less forethought, and always-present thoughts of economic challenges and potential unemployment can tempt even the most trustworthy employee into considering alternatives like fraud and theft.

Organizational Adjustments

Every successful business has struck a balance between its progressive operations and the appropriate level of security it needs. If security were sacrificed, the business’ operations would be undermined, but if security becomes too oppressive, the business wouldn’t be able to function well enough to support itself. As a result, businesses must find a middle ground, of sorts, that positions them in the best possible circumstances.

Typical Behaviors Associated with Insider Threats

Of course, insider threats can be an issue in the best of times, as well. It doesn’t necessarily take the changes brought on by a pandemic to sour an employee’s opinion of a company, and data has shown that about 60 percent of insider threats involve data being taken as an employee prepares to leave a company—particularly if that employee had a role in preparing that data. Most who do this use email, while fewer numbers use cloud storage, data downloads, and removable storage media, respectively.

These flight risks can be spotted, however, with a little bit of diligence. For instance, if an employee is spending time on job search websites with no work-related reason to do so, you should be concerned, as you should if they are accessing data from a strange place or granting themselves more privileges than their responsibilities require.

Insider threats are certainly a problem, but many potential ones can be fixed proactively. It is important to remember that not all of them will be intentional attacks to your business. Very often, it is more of a matter of an employee inadvertently compromising your security in the attempt to do their job—emailing themselves a file to work on it after hours, for instance. Employees who are operating remotely may be reverting to old security habits as they are out of the work environment. Regardless, you need to do whatever you can to minimize the threats your business and its data face from those closest to it.

Putting the Kibosh on Insider Threats

Communicate Better with Your Team

Right now, things are pretty scary, and many are doubting their job security. Therefore, it only makes sense that people aren’t taking the most well-thought-out actions or could be tempted to create an insurance policy for themselves. Frequently and clearly communicating with your team will help to make them relatively more comfortable in their given situation, hopefully making them less likely to make rash decisions or act out.

Maintain Relationships

While there may be a time and a place for taking a step back and managing your team from a distance, a pandemic ain’t it. Make sure you double-down on your efforts to evaluate how well your employees can cope under the circumstances and adjust your processes accordingly. This will both give you a closer view of your employees and assist you in reducing the stress that might lead to error otherwise.

Give Your Team the Tools for Success

Finally, to cut down on the challenges that your employees must cope with while bolstering your business’ security, make sure that the team is making the most of the solutions at its disposal. The collaboration solutions now available, paired with modern security measures and implemented with a focus on best practices, will make life easier for your team… something you want when difficulties will increase the chances of an insider threat.

For the tools and resources to help your business put these protections in place—even now—reach out to the professionals at MSPNetworks today.

0 Comments
Continue reading

Uber Demonstrates the Importance of Disclosing a Data Breach

If your business was breached, would it be better to keep it a secret, or should you disclose it to your clients? Uber has proven that trying to hide it is a mistake, and a costly one at that.


In November of 2016, Uber was made aware that they had been breached, personal information from 57 million users and 600,000 United States-based drivers having been stolen by hackers. Uber quickly tried to hide the data breach, paying $100,000 to the hackers in exchange for the stolen data to be deleted and for their silence.

However, when Dara Khosrowshahi stepped in as CEO and learned about the breach, he quickly decided that the company had to come clean. As a result, Uber has now reached a settlement with the attorneys general of all 50 states and the District of Columbia. Under this settlement, Uber has to pay $148 million, as well as hire a third-party representative to routinely go over its data security measures and suggest improvements that Uber will have to adopt. Furthermore, Uber will also have to implement a “corporate integrity program.” This program will allow (or, more accurately, require) any ethical issues that employees raise to be addressed fully.

Uber is far from the only company who has kept data breaches under wraps for as long as they could. Google is finally pulling the plug on Google+, the search giant's failed attempt at social media, as the result of a security breach that potentially exposed 500,000 users… three years ago.

We would also be amiss if we didn’t mention Equifax, which not only had the data of over 146 million Americans exposed on its watch, but also waited over a month to report it. Not only that, but some employees have even been charged with insider trading after offloading all of their Equifax stock between learning of the breach and it being officially announced.

So, what does this have to do with you and your business?

Consider, for a moment, the data that your business has collected. Chances are, there is quite a bit of overlap in the data you have stored on your clients and customers as Uber or even Equifax has. Uber, Equifax, and certainly Google can all absorb this kind of event - perhaps not without some consequences, but these companies are big enough that they will be able to bounce back from them. Could you say with 100 percent certainty that the same could be said of your business?

In short, if you are to suffer a data breach, you need to be open about it and come clean. Chances are, your clients will still be upset with you, but there’s a big difference between “my data was breached” and “my data was breached and you didn’t tell me.”

However, if you do everything possible to make sure that your data isn’t breached in the first place, you may not have to worry about disclosing one to your patrons. MSPNetworks can help with our cybersecurity solutions and best practice training. For more information, reach out at (516) 403-9001.

0 Comments
Continue reading

Customer Login

News & Updates

MSPNetworks is proud to announce the launch of our new website at www.mspnetworks.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact Us

Learn more about what MSPNetworks can do for your business.

MSPNetworks
1111 Broadhollow Rd Suite 202
Farmingdale, New York 11735