Most C-level executives would agree that protecting a company’s confidential data and trade secrets from the prying eyes of competitors is critical. Yet interactive polling of senior IT security executives at Courion’s annual user conference, revealed that 65 percent are aware that their company has experienced a computer intrusion in which data was stolen, and 55 percent have discovered a current employee or insider taking information from the company’s computer system to use in a competing business.
During his presentation at the conference, Assistant U.S. Attorney Kyle F. Waldinger, who has prosecuted with the Computer Hacking and Intellectual Property (CHIP) unit of the U.S. attorney’s office for the northern district of California, demonstrated through these poll questions the threat that global multinational companies face, even from their own employees. Unfortunately, current legislation makes it challenging for the federal government to prosecute potential offenders.
And information security and identity and access management departments don’t always work together to reduce the risks that lead to breaches caused by insiders, as revealed by a live poll conducted later in the conference by presenter Jon Oltsik, a senior principal analyst with Enterprise Strategy Group (ESG).
Fourteen percent identified organizational issues between IAM and the information security groups as the biggest impediment to greater cooperation, while 12 percent cited budget issues, 11 percent cited technology integration issues, and nine percent pinned the problem on a skills shortage. 47 percent of attendees felt that all of these reasons posed a challenge to greater integration of IAM controls within security.
Nonetheless, Oltsik made the case that by better integrating IAM analytics with security, global companies gain access to the contextual access controls needed to reduce their overall attack surface and lower IT risk. By using IAM big data security analytics, or identity and access intelligence software, companies are better equipped to eliminate ungoverned accounts and better manage Segregation of Duties (SoD) and privileged account access.
“Multinational corporations should be leveraging IAM big data security analytics now, not only to improve their ability to detect and respond to possible breaches, but to streamline IAM processes and improve oversight capabilities,” said Oltsik.
In fact, the recent 2014 Verizon Data Breach Incident Report recommends the following IAM controls:
- Know your data and who has access to it
- Review user accounts
- Watch for data exfiltration
- Publish audit results.
Further, the SANS Institute’s Version 5 Critical Security Controls include:
- Controlled use of administrative privileges
- Maintenance, monitoring and analysis of audit logs
- Account monitoring and control
- Data protection.