The seven colors of the insider threat rainbow

The grave threat that insiders pose stares data security practitioners straight in the face, but many fail to appreciate it. The reason: “This will not happen to me”.

“My SAP environment is secure.”

“Our Data Leak Prevention solution is enough.”

“I don’t think we have issues with our employees. Definitely not with their integrity.”

We have heard it all. CIOs and CISOs are vehement when it comes to explaining the security measures they have put into place. It is true that all the data security practitioners we have come into contact with seem to be on top of their game, but when it comes to securing data from the inside they all seem to have left one tiny window open. And that is enough to bleed the company 4% of its annual global revenues (as per GDPR’s diktat).

Just one question has been enough to prove our guess correct: Do you know what happens to your SAP data once it is downloaded into a user’s system?

More often than not, the response is an uncomfortable silence.

As colorful as the rainbow

An article by Christina Wood in CSO titled ‘Insider threat examples: 7 insiders who breached security’ provides popular scenarios as to why insiders do the deed. She lists stealing IP for the future, stealing data to start a competitive venture, espionage by foreign powers, industrial espionage, among others.

Her article talks about:

(1) Anthony Levandowski, the Google employee who stole Waymo’s ‘intelligent car’ IP and sold it to Uber.

(2) Jason Needham who stole information from his former employer Allen & Hoshall to start his own firm.

(3) Jiaqiang Xu, the perfect IBM employee who stole IP to sell to China – profit and patriotism at its worst.

(4) Dejan Karabasevic who stole proprietary technology data from his ex-employer, AMSC, and sold the same to the Chinese wind turbine company Sinovel.

(5) David Kent who broke a non-compete agreement after selling his social networking site twice over.

(6) Christopher Victor Grupe, the disgruntled railway employee, who wiped out essential files, removed admin accounts and changed passwords.

(7) The Target story. One weak refrigeration contractor who fell to a phishing scheme and threw open the retail clients’ data.

Staving off imminent danger for the Indian Defence Establishment

You may have read the RCI story. But the crux of the matter is that SECUDE stemmed the free flow of SAP-based purchase order data. Such information could easily reveal to the malicious discerning eye possible strategic projects that the defence laboratory is working on.

“We are in a very serious domain – National Security. Naturally, we take extreme precaution to protect our data inside and outside our premises. With HALOCORE®, we are now doubly reassured that sensitive information relating to our order management is secure and remains so – despite multifarious threats.”

Gautam Mahapatra, Director Technology & Systems, Research Centre Imarat (RCI)

Why HALOCORE®?

A company’s most valuable data is inside SAP. With data leaving the enterprise in enormous volumes and at high rates, Data Loss Prevention (DLP) for SAP is a key security issue. HALOCORE’s DLP technology for SAP helps prevent loss of sensitive data, while enabling secure collaboration and sharing. HALOCORE is directly integrated with SAP, preventing certain sensitive data downloads from happening even before they arrive at the user’s chosen medium. HALOCORE monitors data extracted from SAP and either blocks downloads that would violate internal data security policy or encrypts them. Additionally, all download behavior is logged for further auditing, and with HALOCORE’s GRC Extension, appropriate personnel can be alerted to blocked downloads so they can investigate and take further action.

You can read more about HALOCORE on the product page.

Are you at Sapphire? We are (at booth #290) and we would love to meet you there. Let us know your intent.

Reference

[1] Insider threat examples: 7 insiders who breached security