He does look a bit shifty, but, more likely, he is clumsy rather than dishonest. A survey of 3,000+ employees and IT practitioners across the U.S. and Europe, conducted by the Ponemon Institute and sponsored by Varonis Systems, reported that three out of every four organizations have been hit by the loss or theft of important data over the past two years. This is an increase over 2014 and is due in large part to compromises of insider accounts.
The survey reported that 76 percent of IT practitioners say their organization experienced the loss or theft of company data over the past two years, up from 67 percent in the 2014 version of the study. Respondents reported that insider negligence is more than twice as likely to cause the compromise of insider accounts as any other culprit, including external attackers, malicious employees or contractors. When a data breach occurs, 50 percent of IT respondents say insiders who are negligent are most likely to cause a compromise.
Other things to worry about:
- Outside attackers who compromise insider credentials worry 58 percent of IT respondents
- 55 percent of respondents say insiders are negligent
- 78 percent of IT respondents are extremely or very concerned about the threat of ransomware
- 15 percent of the companies represented in this study have already experienced ransomware
- 54 percent were able to detect an attack within 24 hours (good news!)
88 percent of respondents say their jobs require them to access and use proprietary information such as customer data, contact lists, employee records, financial reports, confidential business documents, software tools or other information assets. This is an increase from 76 percent of respondents in 2014. Apparently this is worrisome to those surveyed as 62 percent of end users say they have too much access to confidential corporate data.
If you think that you have access to more data than you need, ask your sys admin to cut you off. It’s like trimming your nails; keep pruning until it hurts a little, then stop. We should also be warning our clients about giving too many permissions away to users who do not need them. If we want to be truly proactive, we can run scripts that report which users are active and which ones have admin permissions, then review the results with the customer.
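One way to build the report described above, as an added example that is not part of the original post: it reads an account export and flags who is active and who holds admin rights, so the list can be walked through with the customer. The CSV column names, the admin group names and the 90-day threshold are assumptions, and the sample rows are constructed.

```python
import csv
import io
from datetime import date, datetime

# Constructed sample export (not real data). Column names are assumptions;
# map them to whatever your directory or RMM tool actually exports.
SAMPLE_EXPORT = """username,enabled,last_logon,groups
alice,true,2016-08-01,Staff;Finance
bob,true,2016-02-10,Staff;Domain Admins
carol,false,2015-11-30,Staff;Administrators
dave,true,2016-08-15,Domain Admins
erin,true,,Staff
"""

ADMIN_GROUPS = {"domain admins", "administrators"}  # assumed group names
STALE_AFTER_DAYS = 90  # assumed review threshold


def review_accounts(export_text, today, stale_after_days=STALE_AFTER_DAYS):
    """Return (username, reason) pairs for accounts to review with the customer."""
    findings = []
    for row in csv.DictReader(io.StringIO(export_text)):
        enabled = row["enabled"].strip().lower() == "true"
        groups = {g.strip().lower() for g in row["groups"].split(";") if g.strip()}
        is_admin = bool(groups & ADMIN_GROUPS)
        last = row["last_logon"].strip()
        # An empty last_logon means the account has never been used.
        idle = (today - datetime.strptime(last, "%Y-%m-%d").date()).days if last else None
        stale = idle is None or idle > stale_after_days

        reasons = []
        if is_admin and not enabled:
            reasons.append("disabled account still in an admin group")
        if is_admin and enabled and stale:
            reasons.append("admin account with no recent logon")
        if is_admin and enabled and not stale:
            reasons.append("active admin: confirm the role needs it")
        if not is_admin and enabled and stale:
            reasons.append("enabled but inactive: candidate for disabling")
        for reason in reasons:
            findings.append((row["username"], reason))
    return findings


if __name__ == "__main__":
    for user, reason in review_accounts(SAMPLE_EXPORT, date(2016, 9, 1)):
        print(f"{user:8} {reason}")
```

Accounts that are active and hold no admin rights (alice in the sample) produce no finding, which keeps the customer review focused on the accounts that need a decision.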
You can review the whole enchilada of survey results out in the wild here.