Joel Dolisy 01 September 2015

The insider threat

The insider threat image

If you were to check the newspapers today you could almost guarantee there would be a story referencing or focusing on the latest high profile hack. Departments at all levels of government, from national right down to local councils, are bring breached and it’s not just data that is being compromised, but money is also being stolen.

This paints a picture of security threats emanating from cyber-gangs hacking into local council servers on the other side of the globe. But this isn’t necessarily the case. In fact, a recent survey from SolarWinds found that the biggest threats to the local councils aren’t coming from hackers but instead from council employees on the inside.

The survey found that 53% of IT respondents from local councils identified careless and untrained insiders as the biggest IT security threat in their department. These careless individuals are being considered as a bigger cyber security threat than a terrorist or a hacker for a variety of reasons.

Firstly IT departments have less control of employees since personal devices have become more frequently used in the workplace. There is also an increasing amount of pressure on IT pros to apply network configurations as quickly as possible rather than correctly. This is making local councils vulnerable as mistakes are being made by causing inaccurate network changes.

Lastly there is the issue of human error, when employees leave their laptop on the tube or lose their USB stick. Together all of these are contributing to an increase in potential insider threats.

However, there are three strategies that can help address the growing issue of insider threats:

Automate network configurations

A problem which the survey outlines is that network configuration is being carried out quickly as opposed to accurately by IT pros. This can lead to a variety of issues, the most problematic being that if a network isn’t configured properly employees can make unofficial and inaccurate network changes.

All local council IT pros are stretched, however if organisations considered automating the network configuration process the procedure could be carried out much more efficiently. The tool can perform scheduled network configuration backups, bulk change deployment for thousands of devices all with minimal input from the IT pro, freeing up valuable time. As well as limiting the concern over insider threats, these tools can also catch configuration errors and automatically notify the administrator of any compliance issues.

Know who is accessing the network

Over the last few years employees have started to use their own personal devices for work, which has added a great deal of risk to local councils. Losing a laptop or having a smartphone stolen out of a bag can lead to vast amounts of data being stolen which can prove catastrophic to the organisation if something is leaked or worse compromised.

The most efficient way to overcome this is to block unauthorised devices from accessing the network by creating a policy that allows the team to track and monitor devices, switches and ports. To ensure maximum security, develop a ‘whitelist’ of all the devices which are allowed to infiltrate the network and set up notifications if a device attempts to access the network that is not on that list.

Nonstop network monitoring

In an ideal world IT pro’s should be aware of everything that is happening on the network. That in itself is a huge task and next to impossible when the rest of the workload is factored in.

Having said that there is a shortcut which can guarantee every area of the network is monitored without taking up the time of the IT pro. This is by investing in a solution that can automatically monitor the network for any anomalies and alert administrators of any potential breaches, data leaks, unauthorised users, or suspicious activity. The IT pro can then focus their time on responding and addressing any problems the solution has flagged. It also allows the IT pro to pinpoint where the root of the problem is and identify the user who could be unintentionally compromising the network.

A few good examples of effective monitoring solutions include security information and event management (SIEM) and log and event management software. These solutions provide real-time feedback and alerts that give administrators information about any suspicious network activity.

Insider threats are slowly becoming a huge fear of local council IT teams. Whether they are intentional or not they can be incredibly dangerous and should be taken seriously.

Joel Dolisy, CIO, CTO SolarWinds

For your free daily news bulletin
Highways jobs

Principal Energy Engineer

Surrey County Council
£45,734 - £51,725 per annum
Do you have experience in working with delivering carbon reduction measures into a range of building projects? Surrey
Recuriter: Surrey County Council

Wellbeing and Independence Practitioner - Safeguarding

Essex County Council
£27203 - £31370 per annum
Please note, this role is a Fixed Term Contract until the end of March 2022. With us, you can achieve more - for yourself as well as those you work England, Essex, Chelmsford
Recuriter: Essex County Council

Chief Fire Officer/Chief Executive

Essex County Fire & Rescue Service
c. £150,000
Are you ready for an exciting and rewarding opportunity Essex
Recuriter: Essex County Fire & Rescue Service

Housing Development Manager

City of York Council
£36,476 to £41,830 per annum
Do you want to play a key part in the delivery of “the UK’s most ambitious council-led housing programme in a generation”? York, North Yorkshire
Recuriter: City of York Council

Resettlement Support Workers

City of York Council
£21,989 to £24,447 per annum
We are looking to recruit two individuals to provide high quality support to those living in the resettlement hostel for young people aged 16-25 York, North Yorkshire
Recuriter: City of York Council

Public Property

Latest issue - Public Property News

This issue of Public Property examines how how flexible workspaces can lead the way in regeneration for local authorities, Why local authority intervention is key to successful urban regeneration schemes and if the Government’s challenge of embracing beauty is an opportunity for communities.

The March issue also takes a closer look at Blackburn with Darwen Council's first digital health hub to help people gain control over health and care services.

Register for your free digital issue