One Article Review
| Source |  AlienVault Lab Blog |
|---|---|
| Identifiant | 8475125 |
| Date de publication | 2024-04-03 10:00:00 (vue: 2024-04-03 10:07:30) |
| Titre | Le rôle des contrôles d'accès dans la prévention des menaces d'initiés The role of access controls in preventing insider threats |
| Texte | The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. If you’ve ever worked in an IT department, you know how easily a single misclick can lead to data breaches and system compromises. Preventive efforts are critical since there’s no reliable way to truly eliminate insider threats. Can robust access controls protect your organization? The impact of insider threats on organizations Insider threats are a prominent danger regardless of the industry you’re in. In fact, 98% of U.S. organizations report being slightly to extremely vulnerable to them. This figure reveals how many are unconfident in their existing deterrents, highlighting the importance of preventative efforts. Even if you don’t believe anyone at your workplace would intentionally cause damage, you should still be wary — insider threats aren’t always malicious. Negligent employees are responsible for 60% of data breaches, meaning carelessness is a more common driver. Unfortunately, the fact that negligence is the primary driver of insider threat attacks isn’t a good thing — it means a single misclick could put your entire organization at risk. Robust access controls are among the best solutions to this situation since they can prevent careless employees from leaking data or unintentionally escalating an attacker’s permissions. Access control mechanisms are crucial for threat mitigation The main way robust access control mechanisms are crucial for addressing insider threats is through unauthorized access mitigation. Employees, whether acting negligently or with ill intent, won’t be able to do any damage to your organization when their permissions limit them from retrieving or editing sensitive data storage systems. No matter how long you’ve spent in the IT department, you know how irresponsible some employees are when dealing with sensitive data, intellectual property or identifiable details. Access control mechanisms keep information assets out of reach of most of the people in your organization, safeguarding them from being tampered with or exfiltrated. If an attacker successfully enters your organization’s systems or network, robust access control mechanisms restrict their lateral movement. Since they aren’t authorized personnel, they aren’t granted meaningful permissions. This act minimizes the damage they can do and prevents them from compromising anything else. Even if an attacker has one of your colleague’s lost or stolen devices, access controls block them from being able to do anything meaningful. Authentication measures prevent them from accessing your organization’s systems and exfiltrating sensitive data. It also helps keep them from escalating their privileges, minimizing their impact. With robust access control mechanisms, you can quickly identify indicators of compromise (IOCs) to stop threats before they become an issue. For example, spotting concurrent logins on a single user account means an attacker is using legitimate credentials, indicating a brute force, phishing or keylogging attack. Which access control systems should you implement? Although insider threats pose an issue regardless of your industry or organization’s size, you can find ways to prevent them from doing any damage. You should consider implementing access control systems to detect and deter unauthorized action, mitigating data breaches and system compromises. A standard system to consid |
| Envoyé | Oui |
| Condensat | able abnormal accelerating access accessing account accounts act acting action actions activity actually addressing adequate adopt align alone also although always among analytics any anyone anything appear appears approach are aren’t article assets at&t attack attacker attacker’s attackers attacks authentication author authorized awareness bare become becoming before behavior being believe best block breaches broader brute business campaigns can can’t careless carelessly carelessness cause chance clear colleague’s combination common compare compromise compromised compromises compromising concurrent consider consistently content control controls could credentials critical crucial cybersecurity damage danger data dealing department destination details detect detection deter deterrents device’s devices does doing don’t driver easily editing effectively efforts either elevate eliminate else employees endorse enhancing enough enters entire escalate escalating even ever every example exfiltrated exfiltrating existing extremely fact figure find first flag force frequency from glance goal good granted has help helps hidden high highlighting hiring how identifiable identification identify ill impact implement implementing importance improved improves inactive incident incidents increase increases indicating indicators industry information insider insights integrate integrating intellectual intent intentionally interest iocs irresponsible isn’t issue it’s its jobs keep keylogging know lateral lead leaking least legitimate leverage like likely limit log logins logs long losses lost main maintenance make makes malicious maliciously many matter may meaning meaningful means measures mechanisms minimizes minimizing minimum misclick mitigating mitigation monitoring more most movement must negligence negligent negligently network new not one online organization organization’s organizations other out outcomes patterns people permanent permission permissions person’s personnel phishing pinpoint pose positions post prevent preventative preventing preventive prevents previous primary principle privilege privileges proactive procedures prominent property protect protocols provide provided provides providing put quickly reach real redirect regardless reliable remain report request resources respond response responsibility responsible restrict retrieving reveal reveals rises risk robust role safeguarding safeguards safety seem sensitive seven should silently since single situation size slightly slipping solely solution solutions some soon source specifics spent spotting standard stolen stop storage successfully sure suspicious system systems takeovers tampered targets tell test them there’s these they’re thing threat threat’s threats through time tools toward truly unauthorized unconfident unfortunately unintentionally unnoticed unrestricted user using usual value views vulnerable want wary way ways when whether which whichever who will won’t words worked workplace would you’re you’ve your |
| Tags | Tool Threat |
| Stories | |
| Notes | ★★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.