In this ever evolving threat landscape, willing or unwitting insiders often play a key role in security compromises of organizations.
It used to be that an organization’s staff were people who knew each other for years, who interacted every day, who met and spoke in person, who had common incentives and goals.
Now, an organization’s staff often includes trusted insiders that are employed by contractors, the staff of ISPs and cloud app services – people who you actually don’t know, but you are expected to trust.
In this podcast recorded at RSA Conference 2012, Matthew Ulery, Director of Product Management with NetIQ, talks about need for user activity monitoring that involves your contractor’s and various services’ employees as well as your own.
He also offers a couple of real world examples of how this trust can be abused and this abuse prevented by managing and controlling the rights that every user has within the organization, and doing so constantly and repeatedly.
Listen to the podcast here.