Guidelines to Identify and Protect Against Internal Network Security Threats

APCON, a provider of intelligent network monitoring solutions, has published a new guide to identify and protect against internal network security threats. The publication, “Safeguarding Your Network from Insider Threats,” highlights the impact of data breaches and internal threats, which despite receiving less public attention, can be just as dangerous and damaging as external hacks. 

The publication highlights two types of insider threats: the bad actor and the negligent employee. 

Not all inside threats are malicious. Negligent employees may unknowingly put sensitive data at risk by simply logging on through an unsecured, public Wi-Fi connection to access the company server. Employees downloading programs could unknowingly receive a virus or an unintentional lapse in security protocols could open the door to a data breach.

Internal breaches can also be much more malicious when, instead of a negligent act, a disgruntled or financially motivated employee is trying to do harm.

- Unusual Outbound Traffic: One of the easiest ways to spot a potential breach is to look for unusual traffic patterns leaving a network.

- Anomalies In Privileged User Account Activity:  Often, more sophisticated attackers will either increase the network activity of a privileged account or will use a compromised account as a stepping stone to get to accounts with higher privileges. Closely monitoring the activity of privileged accounts help prevent this type of a breach. 

- Spikes in database read volume: An increase in database read volumes is a good indication that someone has made it inside of a network and is trying to extract information.

- Data in the wrong places: Data sitting in the wrong locations can be a good indicator of an internal breach that’s about to happen. Often hackers will gather data into one spot before extracting it.

The APCON free eBook is a free, ungated download.