Onboarding Best Practices to Mitigate Insider Threats
Proper onboarding best practices to mitigate insider threats include training to educate employees and reduce the likelihood of insider threats from day one. When quizzed, employees only provide correct answers to 78% of cybersecurity questions. This disappointing level of awareness places companies at significant risk for breaches resulting from ignorance and errors.
Dangers of Deficient Onboarding
A significant number of companies fail to provide sufficient onboarding experiences for their employees. Thirty-eight percent of IT professionals report a wait period of two to four days before employees receive the access credentials required to do their jobs. In 27% of companies, employees go without access for more than a week.
Companies face one of two problems during this time:
• Employees do little or no work, resulting in lost productivity and profits
• Well-meaning colleagues share credentials, which may allow access beyond the scope of new employees’ roles
Credential sharing is just one consequence of insufficient cybersecurity education during onboarding. Employees and contractors are responsible for 48% of all business data breaches, and a great many incidents can be attributed to user ignorance. Unless cybersecurity training is an integral part of the onboarding process, employees use the systems without the ability to understand, identify and avoid security risks. In addition to leaving networks vulnerable to hackers, employee ignorance may also lead to compliance issues, which can be costly from both a legal and financial standpoint.
Determining and Enforcing Access Needs
Improper provisioning can either prevent employees from accessing essential tools and data or provide a level of access inappropriate for a particular role. To prevent bottlenecks and minimize risk, companies need to map out the access requirements for each role and establish identity and access management (IAM) policies to protect sensitive data.
Because privileged accounts can be particularly difficult to manage, businesses with large amounts of sensitive information may require tools to support zero-trust protocols. In a zero-trust environment, user identities are validated by numerous factors beyond basic role-based provisioning. Companies lacking the agility to implement granular access policies face the challenge of manually monitoring accounts, adjusting privileges and deprovisioning departing users.
A combination of detailed IAM policies and reliable access control tools makes it possible to provide employees with first-day access, thus reducing losses associated with decreased productivity. Automating the deprovisioning process ensures proper revocation of access rights and prevents employees from accessing resources they no longer need or logging in after tenure with the company has ended.
Conducting Security Training
Cybersecurity education must be an integral part of onboarding. Handing employees a guide to company security policies and assuming they’ll read and understand all the information provides little or no protection against insider threats. New hires are already overwhelmed with forms and other paperwork; another packet is likely to be given a cursory glance before getting filed, thrown away or forgotten.
IT teams and cybersecurity experts have the expertise to craft onboarding programs with a focus on employee education and can guide executives in proper IAM protocol implementation and enforcement. Employee instruction should include:
• How to recognize and report phishing attempts
• Adhering to a clean desk policy
• Proper password storage and management
• How to report security incidents and breach attempts
Employees should also be informed of additional security measures, such as monitoring and the use of artificial intelligence and machine learning. While these tools are often necessary to prevent breaches, they can also have an impact on employee privacy and must be executed with discernment.
Implementing Strict Rules for Software Use
The pursuit of convenience presents an additional cybersecurity challenge in business environments. Delays in software implementation can leave teams struggling to be productive with a suite of siloed legacy applications. Employees, especially those in younger generations, are used to seamless experiences when interacting with technology. The resulting frustration leads chief information officers to bypass IT teams in purchasing decisions up to 90% of the time.
Because these programs aren’t made subject to company IAM policies, such aggressive use of “shadow IT” puts company data at risk. An estimated one-third of successful cyberattacks will be launched on shadow IT programs by 2020. Of companies experiencing attacks, 60% go out of business within six months. Therefore, it’s imperative for IT teams to choose and implement user-friendly access management solutions and update tools as needed to support integrations and streamlined employee experiences. Employees must be made aware of the dangers of shadow IT and instructed in proper procedures for application approval prior to use.
Starting employees off with a solid understanding of security procedures and enforcing strong IAM policies supports accountability and minimizes breach threats. IT teams must work with executives, HR and other key players within businesses to design and implement frictionless IAM using data and feedback from real-world use cases. Additional monitoring services and routine vulnerability assessments provide support to create robust, reliable cybersecurity protocols.