Insider threats become primary security concern
ManageEngine says that companies in the region are more concerned with internal security than external threats
Companies in the region are increasingly deploying solutions to counter ‘insider' threats, according to Bala Venkatramani, marketing manager, IT Security Solutions, ManageEngine.
Venkatramani said that interest in solutions to counter threats that come from inside the organisation, rather than outside, is growing in the UAE and Saudi, in part due to recent security incidents.
"The awareness level of IT security is really growing in the UAE," he commented. "The primary concentration is on bolstering internal controls. That is one of the biggest concerns presently, especially for banks and financial institutions. They are facing a lot of security issues, not just from outside their firewalls, but also from inside.
"The insider threat is one of the main things that companies are worried about. It is a complex problem to tackle, you trust your employees, but if someone decides to turn bad, you don't have control."
Venkatramani highlighted the recent cyber attacks on RAKBANK and Bank Muscat, which cost the banks some $45m in total, which many in the industry believe will have had some level of insider involvement.
"The investigation is going on, but the common assumption is that this could not have happened without the hand of an insider, they might have provided some vital information to the hackers," he commented.
To bolster security inside the company perimeter, organisations are deploying more solutions to both control access, and to monitor activity. Solutions for better management of passwords, including ManageEngine's Password Manager Pro, which it was promoting at the recent GISEC exhibition, can give companies more robust control over who has access to passwords, and how they are administered. Organisations need to have better control over issues such as revoking temporary passwords automatically once the need for them has expired, understanding what passwords an employee has ownership of, and being able to automatically terminate all passwords related to an employee who leaves the company.
"The easiest way to do internal controls is controlling access to the administrator passwords of your IT resources. The IT administrator passwords give unlimited access. Normally companies are storing their passwords just in Excel sheets or print outs, and they share it with team members," Venkatramani said.
Another important area of security control is in monitoring the activities of staff. ManageEngine is offering solutions that will allow constant monitoring and recording of all activities on a network, for both forensic purposes should an event occur, and preventative measures, so that suspect behaviour can trigger automated alerts to admins, who can then remotely terminate access to stop unusual activity. Companies should also consider solutions to monitor login activities, failed logins and other behaviour, to see who is doing what on a network, and solutions to track network change and configuration management, which will help prevent any security issues that might be caused by mis-configuration of network devices.