Insider threat – A conclusion… (pt.7)

by
start now on your insider threat project

Today I am going to bring this Back to Basics Primer about the insider threat and what smaller organisations can do about it to a close, with a look at what your first steps should be in mitigating the risks and what extra small steps you can take to greatly improve your response.

Leavers and Joiners

Something we have not spoken about is the change of staff every organisation faces. This process raises a number of questions that impact on your keeping control of the insider threat risk.

On the way in…

• How soon do you trust someone? This very much depends on their role and responsibilities.
• Our Operations Manager has a stance of not trusting new starts on the support team immediately. Your mileage will vary depending on your variables.

On the way out…

• For a normal departure, you may want to limit some access, but again your experience will vary.
• For someone who you are letting go, then I always advise our clients to close the door on any sensitive information as soon as possible once the decision has been made. It may also be necessary to limit access during any investigation period.
• Whatever the circumstances ensure all access – to all systems – has been stopped at the end of their last working day.

You need to think about these issues before they become an insider issue. A documented Starters and Leavers document and a Staff Access document will ensure a smoother process. These should be created in partnership with your IT support team.

What is that extra step you mentioned?

I expect many of you asked that right at the beginning? Corporate organisations running Enterprise packages have access to many more tools to help monitor and prevent the insider threat and they pay more for that security than a smaller organisation could justify for the risk.

Many of our clients use Microsoft 365 Business Standard – a very capable and affordable package for a smaller organisation. We do not use that plan – as a company we discussed our risks and decided that the next plan was better, Microsoft 365 Business Premium, as it includes more tools for dealing with various cyber security threats and risks, including the insider threat.

That is where we are going to stop today and in the New Year we are going to look at Microsoft 365 Business Premium and what the benefits are.

Taking a break

Producing two in-depth, entertaining and informative articles each week about cyber security takes time and creativity. I have a OneNote notebook full of ideas, I read about the current threat landscape, I discuss cyber issues with clients and colleagues and then I have to sit down and in about 500 words get my ideas across in non-technical language. Images need to be sourced, references cited and then the whole lot goes for editing and then we publish. To keep the quality up I need a break.

We will be back in January 2025, until then enjoy the festive season.


Clive Catton MSc (Cyber Security) – by-line and other articles

Further Reading

The Insider Treat Primer

The Insider threat – Not just a question of trust. (pt.1) – CyberAwake

The Insider threat – Start thinking about sorting. (pt.2) – CyberAwake

The Insider Threat – Mitigation. (pt.3) – CyberAwake

The Insider Threat – An Investment. (pt.4) – CyberAwake

The Insider Threat – Careless (pt.5) – CyberAwake

Insider Threat and BYOD (pt.6) – CyberAwake

Photo by Airam Dato-on

Contact us for consultation

Wake up to cyber threats..

Insider threat – A conclusion… (pt.7) Cyber Awake
HQ Based between Newark and Lincoln

Get in touch

CyberAwake
Unit 2 Kingsley Court
Kingsley Road
Lincoln
LN6 3TA
United Kingdom

01522 508089

useful links

Website Cookies Icon

This website uses cookies to ensure you get the best experience on our website. Click for more information.

accept & Close