From: FedTech
Data breaches caused by federal employees, either knowingly or unwittingly, are a major concern at agencies, but security controls are not enough to tackle the threat.
***
“If you get too restrictive, shadow IT pops up,” Westervelt says. “That could be something as simple as an employee bringing in a cellphone and using it as a mobile hotspot to bypass the organization’s network, which could introduce a lot of different threats.”
Common tools for preventing and detecting insider threats include privileged account credentials, tamper-proof auditing programs and continuous monitoring tools that track employee behavior. Essentially, agencies must restrict access to sensitive data, track who accesses it, and pinpoint and investigate anomalous behavior.
Leave a Reply