As many as 94% of the top ASX listed companies have been exposed to an internal data leakage in the previous year. Internal data leakage can have many forms: a negligent employee leaving a USB drive lying around for someone to pick up, a malicious employee who decides to transfer data to his own personal computer for future gain, or a targeted employee who becomes the victim of a phishing email.
To prevent your company from suffering the same fate, here are some ways to defend against internal data leakage:
- Install data loss prevention controls
Data loss prevention technology can classify different types of data an organisation holds and prevent it from leaving the private network.
- Detect suspicious employee behaviour
Is one of your employees transferring a strange amount of data to a USB drive or something of that nature? Certain solutions can be set in place to detect and even record such behaviour.
- Educate employees
Training employees to better understand data security threats goes a long way. Educating your employees so they can recognise phishing attempts decreases the chances that they will fall for one, which should be an important part of any data security strategy.
- Have damage control systems in place
The faster you can bridge the gap between the discovery of a breach and the resolution, the better. Having the correct policies and escalation procedures will help you control the damage.