Now a day, the internal attacks are the biggest threats
companies have. Employees, especially the ones that work in the IT have a
knowledge and also access to the networks and data strategies, and therefore,
can make serious damages.
The first step each company should do is to identify
all the privileged accounts and determine which one of them are not in use
anymore (due to some employee is no longer part of the company). Also, it is
needed to control and monitor all the other privileged credentials and
therefore, create alerts that can allow fast response in a case of malicious
activity.
Employees use mobile devices to share data and company's
important information. Actually, the data that are collected from many investigations are made through mobile
devices. This is not a small number and for sure should not be underestimated
the importance.
The solution here lays on the policy they have regarding the
better education of employees on device expectation and monitor what they are
downloading to company's devices. The monitoring will provide effectiveness and
quick response in vulnerable cases.
