When a new employee joins the organization, you most likely set up their user access and onboard them in the same way. The problem is that not all employees are created equally when it comes to cybersecurity and just one employee can cause a lot of damage. 85% of data breaches have a human aspect, which means that proactive cybersecurity risk mitigation cannot be understated. “Key Security Threats Facing Your M365 Environment and How to Protect It,” a recent webinar from 1nteger’s cybersecurity team, explored two different scenarios in which an employee can wreak digital havoc on an organization.
Scenario 1: Non-malicious employee actions compromise data
Employees don’t always set out to harm their organization. Most of the time, data is compromised due to a desire for convenience. An end user might want to work on something after-hours without bringing home their laptop, so they forward a work email to a non-work email address. While this sounds innocent, anytime an email is forwarded outside of an organization, the information becomes unmanageable, and the organization loses all control over where it might go. Though this seems inconsequential, non-malicious actions can greatly impact data integrity and security.
Scenario 2: Employees set out to intentionally steal data
Unfortunately, there are times when disgruntled employees exfiltrate, or transfer, data in an unauthorized way, such as downloading a customer list from SharePoint and taking it with them to a competitor. Data theft can happen slowly over time, with an employee setting up mail rules to forward sensitive emails to their personal email account. Other times, it can happen very quickly, such as when employees realize that their time is up at an organization and termination is coming soon.
Regardless of the intent, untangling data leaks or theft after the fact is a significant challenge. Further, it’s important to realize that you have more sensitive data to protect than you think. You need to keep it, control it, and manage it.
While you may have cybersecurity support now, the odds are that the traffic in and out of your Microsoft 365 (M365) account is not being monitored around the clock. 1nteger CORE offers managed detection response (MDR) and incident response for M365, plus vulnerability scanning. Our Security Operations Center continuously monitors malicious admin changes, unauthorized email delegate access, multiple failed or unauthorized access attempts, MFA changes, foreign and impossible logins, and suspicious email forwarding rules, all of which could have instantly identified the above employee-related incidents. The ability to act in real time, 24×7, is essential to be able to identify, isolate and remove threats.
Contact 1nteger to learn how you can proactively protect your environment within a few days.