Malicious insider yet again played a key role behind a data breach. Last month a well-known British accounting Software firm suffered a security breach after one of its employees got hold of the customer information using an internal login. By gaining unauthorized access to a privileged account, the fraudster in early thirties, compromised the personal details and bank account information for workforces of more than 200 UK firms.
Following the incident, the company’s shares took a beating, although it recovered gradually.
But more than the valuation such incidents hurt organizations’ reputation in the market. More worryingly, legal implications could make such incidents more costly for companies. It’s an extremely embarrassing situation for any company.
The Information Commissioner Officer (ICO), which focuses on keeping the personal data safe in the UK, is investigating the matter. In the UK, a law makes it mandatory for companies to safeguard the highly classified information like personal data of people. If the company is found lacking in having preventive measures in place, it could risk investigations and possible punishments from the law enforcement agency.
The incident reemphasized organizations’ lackadaisical attitude towards safeguarding the data. Compliance managers, in many cases, pay not much heed to data prevention. As data has become a commodity, risk of thefts always lurk. In this backdrop, organizations need to ponder over how effective is their Identity and Access Control Management.
Theft from insiders now accounts as the third biggest source of data breaches following accidental breaches and attacks from malicious outsiders, according to Breach Level Index 2015.
ARCON is a leading enterprise risk control solutions provider, specializing in risk-predictive technologies. ARCON | User Behavior Analytics enables to monitor end-user activities in real time. ARCON | Privileged Access Management reinforces access control and mitigates data breach threats. ARCON | Secure Compliance Management is a vulnerability assessment tool.
Need a solution for safeguarding critical IT assets? Please contact us