• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • About
    • Secure360
    • UMSA
    • Get Involved
  • Events
    • Secure360 2021
    • Student360
    • Past Events
      • 2020 Secure360 Twin Cities
      • 2020 Student360
      • 2019 Secure360 Twin Cities
      • 2019 Student360
      • 2018 Secure360 Twin Cities
      • 2018 Secure360 Wisconsin
      • 2018 Student360
      • 2017 Secure360 Twin Cities
      • 2017 Student360
      • 2016 TC Secure360 Conference
      • 2015 Secure360 Conference
      • 2014 Secure360 Conference
      • 2013 Secure360 Conference
        • 2013 Secure360 Conference Speaker Presentations
      • 2012 Secure360 Conference
  • For Sponsors
    • Secure360 Twin Cities
    • Student360 Sponsors
  • For Speakers
    • Secure360 Speaker Details
    • Student360 Speaker Details
  • Blog
  • Nav Social Menu

    • Facebook
    • LinkedIn
    • Twitter
    • Vimeo

Secure360

Cloud security: Minimizing the insider threat

February 11, 2014 by Secure360 and UMSA

http://www.dreamstime.com/royalty-free-stock-image-cloud-security-blue-done-d-image30705126Insider security is at the forefront of everyone’s minds in the aftermath of Target’s security breach. While the cause of the breach is still under investigation, numerous theories have been offered such as an insider security violation from one of Target’s vendors. Furthermore, Michael’s and Neiman Marcus have also disclosed they’ve suffered a security breach as well. When trusted corporations are vulnerable to external hacks as well as insider security threats, it’s no wonder businesses are leery of making the switch to a cloud environment. While no system is impervious to attack, there are ways to minimize insider threats.

Improve your interviewing/screening process

Security threats are something businesses face every day. Make sure you are vetting and hiring the right candidates to monitor and uphold your data. It’s impossible to prevent human error entirely, but it is possible to minimize your risk. Have candidates run through a series of situational questions or a mock security breach in order to evaluate how they perform under pressure. Your reputation and security should be in the hands of capable and trusted individuals.

Update password and security settings intermittently

Larger corporations usually have established security policies such as password resets. For example,  every 90 days users are required to reset computer or intranet passwords, in order to reduce security breaches. Incorporate similar processes for your cloud security environments. Keep track of when employees enter and leave your employment, and reset passwords immediately. Furthermore, have your employees sign a non-disclosure agreement, in order to protect your client’s sensitive information and your company against litigation.

Limit security information exposure

While this may seem obvious, it’s worth restating. Cloud security passwords, IP addresses or usernames should only be given to those who absolutely need it to perform their role; however, this information should never be limited to only one person within the organization. If there is only one person within the overarching IT department, a manager or supervisor should have access to this information.

Cloud networks may be faster and allow for more data housing, but it doesn’t mean they are impenetrable. Traditional data center security environments provide security cameras, locks and key cards. Meanwhile cloud security primarily falls to extensive firewalls, encryption and monitoring by trusted and competent individuals. In order to mitigate human error, review and evaluate your cloud security settings frequently. Trust no one, be prepared for the worst but have confidence in your team to know how to handle a security breach crisis.

Filed Under: Business Continuity Management, Cybersecurity, Risk and Compliance

About Secure360 and UMSA

The Secure360 and UMSA team is made up of professionals in the security and risk management industries. Topics of expertise range from physical security, IT, risk management, cybersecurity, cloud, information security and records management.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Categories

  • Uncategorized
  • Guest Posts
  • Business Continuity Management
  • News and Events
  • Physical Security
  • Cybersecurity
  • Professional Development
  • Risk and Compliance

latest tweets

  1. Secure360 Conference
    Secure360 Conference: As much as many of us enjoy it, there are risks to working from home, specifically as we rely more and more on the… https://t.co/S2nuIyWgjk
    about 2 days ago

  2. Secure360 Conference
    Secure360 Conference: The time to register is NOW, because today is the final day to score early bird rates. #Sec360 is the professional… https://t.co/rsIAkxmmCV
    about 3 days ago

  3. Secure360 Conference
    Secure360 Conference: We can never thank our wonderful #Sec360 sponsors enough! Silver Sponsors @AxoniusInc @BlackBerry @Fortinet and… https://t.co/pnYxfkR135
    about 4 days ago

Footer

Contact

For more information about UMSA events, contact: Marie Strawser

Email List Signup

Join our email list for monthly Secure360 news and updates!




Join our tradeshow email list for updates on sponsorship opportunities and upcoming exhibitor deadlines.

Sponsored by:
© 2021 Secure360. All rights reserved.