Avoid Insider Threat Disasters that Become Verbs

Avoiding insider threats

Avoid Insider Threat Disasters that Become Verbs

By Adam Levithan | February 10, 2016

We've started out the New Year and Matt and I have already been discussing two words that will be added to the Webster's dictionary for 2016. Those words are … 'Snowdened' and 'Hilaried'. This is not a political manifesto but for us, we'd love a penny for every time they are mentioned. Why are these words important, because there is now no doubt in agencies' and organizations' minds that securing digital assets is a priority.

Matt tackles 'Snowdened' Insider Threats

I can't count the amount of times speaking with non-SharePoint users, who know what I do, pointing to me as if just because Snowden was a SharePoint Admin I could turn around and steal all their content. But the truth turns out that because of working for the last five years with governance, permissions management, and compliance issues with our customers I know what the problem is. The problem is that the best intentions, and strictest policies, to put a governance plan in place are typically thwarted by a lack of enforceability. It is a shame, because for a vast majority of your user base they will abide by the governance, but Snowden proves that there are users who require automated systems to support governance.

Adam complains about 'Hilaried'

Raise your hand if you have a personal email account alongside your work email. Keep it raised if you've ever forwarded work email to your your personal email. Don't worry, I won't report you, this is the essence of 'Hilaried', but at a much smaller scale. How would IT staff tell someone at such a high level of power, 'I'm sorry that doesn't follow our IT governance policy.' For IT to deliver this message they need to be aware of anomalous type of behavior.

The above examples show that the old security paradigm does not apply anymore. This is the benefit, and detriment of collaboration technologies. On purpose, more people have access to more information at any time, from almost any device, and are encouraged to share. No longer does being in a physical building, having a digital firewall, or having multiple factor security permissions stop 'Snowdened' or 'Hilaried' activities. The enforcement of governance must include: Knowing where your sensitive content lives, knowing the permissions around that content, how the information is being shared, and know how that content is being used.

What we'd like to let every reader know, before you use the words 'Snowdened' or 'Hilaried', is that the issue is not about the actions of one person, but the evolution of information sharing as a whole. Using a SharePoint specific example, the word 'permission' does not show its face until you are an administrator, what all users see is 'Shared With'. This is indicative of digital content being the center of our focus instead of the systems that contain it. We promise that the technology exists, now it's time to use these recent events to change how we, as a whole, approach securing our digital assets.

Leave a Comment

Add new comment

Adam Levithan 2018

Adam is a Group Program Manager of Secure Collaboration at Exostar and a Microsoft MVP advocating for collaboration by connecting business needs with the right technology. Prior to Exostar, Adam was a Product Manager for Migration at a market leading ISV and a Practice Lead for Office 365 in a cutting-edge Microsoft Consulting firm. Over the last decade Adam has been responsible for moving customers to the cloud, designing and implementing information architecture (SharePoint Farm and content) and increasing user adoption. Adam is an ongoing member of the SharePoint Saturday DC coordinating committee and active speaker at many national events.

Written By: Adam Levithan