Insider risk: Are you monitoring employees working outside your network?

Every employee is hired to do a job, but every employee also represents a potential risk to their company. In the past year, 68% of employers have noted an increase in insider attacks. The top attacks include fraud, monetary gain and IP theft and cost companies millions of dollars.

One major reason for an increase in insider risk in the past year is remote work. Not only are people outside of their manager’s physical view, they are often working outside of their company’s network. Companies need a new approach to ensure they have the insights to help stop insider attacks.

The Shift to Remote Work Creates Blind Spots

With millions of people now working from home, the concept of work has changed forever. Weekly one-on-one meetings are now on Zoom, and there’s little water-cooler chatter. This means that managers may have a harder time identifying employees that may pose a threat to the company, and employees may feel less loyal to their employer. From small acts of theft such as sharing customer contacts with a competitor, to crimes such as embezzlement, remote work can make it easier for managers to miss signals that someone may be likely to act out.

In addition to remote management, employees also have more technical freedom. For years it was the norm for employees to be logged into a computer from an office. When in the office, employees are automatically connected to the company’s network. This gives the company the ability to easily monitor the activity on each computer in a centralized way. CIOs can ensure that passwords are updated and sensitive files are not accessed by anyone who isn’t allowed to use them. HR managers are able to check email accounts and chat conversations to ensure no one is being harassed. And there is a trail of information should any employee decide to commit theft or fraud — from keystrokes to website visits — all of the information would be owned by the company.

As the pandemic shifted millions of jobs to the home office, CIOs found that their computer networks became more difficult to maintain. There are costs and inherent security risks in VPN and other remote access, and so many companies have allowed employees to work each day on a computer that is not tied into the network.

This creates a huge number of endpoint blind spots for companies. Individuals may log into specific company platforms, which can be traceable, but are also able to do whatever else they want on their computer with little or no oversight. Creating any kind of case would require some serious investigative work, including physically obtaining the computer from the remote employee.

Bringing Remote Workers Closer

The combination of physical distance from the office as well as working outside of the network makes it too easy for employees and other insiders to be emboldened. At the same time, many people have dealt with a variety of stressors over the past two years, from the pandemic to adjusting to a work-from-home environment. Without the ability to meet in person, managers need a new way to ensure employee well-being and raise red flags if employees appear to be a risk to the company.

Update management training: For example, managers should receive updated training to help them make better connections with remote employees, help them to successfully onboard new employees and look for changes in behavior or signs that someone is unhappy.

Create risk best practices: Everyone in the company should be made aware of insider risk and be given information about how to report potential risks to the correct people in the organization.

Invest in remote insider risk technology: Especially important, companies need to invest in technology that provides the insight that is missing outside of the network. Insider risk technology that works at the endpoint or device level ensures that there are no more blind spots, and companies have the ability to monitor and identify possible issues. Predicting risk is a multi-faceted challenge. For example, for emails to be a marker of risk, the count, the timing, the attachment types, the recipients, the content sentiment all play together to attribute an action as risk. It’s not a manual task and hence unique solutions are required. What’s more, insider risk technology built for remote work can help companies that are victims of an attack — enabling them to quickly and easily build a case.

Insider risk has changed considerably with the rise of remote work, and it’s important for companies to change, as well. With updated communication, management, and technology in place, companies can stop insider risk and embrace the positives of remote work.

Jay Godse is Head of Product and Technology at Awareness Technologies.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.

ON DEMAND: Apple Mac computer use is growing in the corporate space. Having the solutions and the knowledge base to respond to events that include Mac computers is just as important as their Windows counterparts.