Insider threats are growing rapidly in terms of both incidents and costs. According to the 2020 Cost of Insider Threats Global Report by the Ponemon Institute, the number of incidents increased by 47% between 2018 and 2020, and the average cost of an incident increased by 31% to $11.45 million.
And those statistics were based on research conducted before the COVID-19 pandemic made the situation even more fraught and perilous.
Now organizations are dealing with a massive shift to remote and work-from-home users, many of whom have had little training and minimal awareness of compliance policies and requirements. Remote work is also driving new regulations in industries, countries and regions. The shift to cloud models can add even more complexity.
While potential malicious attacks continue to be a concern, the larger fear is a spike in activities by remote employes who may not even be aware they are exposing the organization to inadvertent security risks and compliance violations.
As the world of risk management looks to become far more complicated, organizations are turning to integrated, end-to-end tools to get it under control.
Simplifying Insider Risk Management
If you are responsible for IT, cybersecurity, compliance or risk management in your organization, how can you mitigate risk of gaps in compliance and data privacy, particularly in today’s era of more ubiquitous remote work?
Here’s one trap to avoid: Too many point solutions that have to be managed and integrated separately, thus limiting your ability to have end-to-end visibility, policy management, enforcement and remediation. This model can be a nightmare in dealing with insider threats, which can come from anywhere and remain undetected until they begin causing damage.
Here’s what you need to successfully mitigate insider risk in this new world of remote work:
- Compliance tools that are native to your cloud platform and integrated to work with one another so that they can be managed from a single unified platform and work in harmony to limit risk.
- End-to-end vision, mitigation and remediation that is built in and not bolted on so you can seamlessly manage compliance, privacy and security across all devices, applications and data.
- A cloud compliance platform that uses automation, artificial intelligence and machine learning, with the flexibility to reach across all of your environments and not just within the provider’s cloud.
What To Look For In a Solution
Among all cloud providers, Microsoft is uniquely positioned to provide this level of end-to-end protection because customers can seamlessly incorporate critical compliance capabilities as part of the widely used applications they already use to run their day-to-day businesses.
For example, insider risk management is a solution in Microsoft 365. It enables organizations to define and manage insider risk policies and then detect, investigate and act on malicious and inadvertent activities. Cases can be escalated to Microsoft Advanced eDiscovery, allowing the organization to take quick and appropriate action to remain compliant.
The insider risk management solution provides unified, end-to-end management to define, identify and act upon potential compliance threats. The solution includes insider risk management of workflows and management policy, along with modules for alerts, triage, investigations and action. The solution is built on four guiding principles:
- Transparent: Organizations can balance user privacy versus organizational risk with a privacy-by-design architecture.
- Configurable: Configurable policies can be based on a number of factors, such as industry, geography and business groups.
- Integrated: Integrated workflows across Microsoft 365 compliance solutions simplify management and accelerate responses to threats.
- Actionable: Insights, automation and intelligence enable rapid user notifications, data investigations and user investigations.
Empowering the New Workplace
Having built-in, end-to-end compliance has been transformative for organizations in supporting remote workers and customers during COVID-19. For example, Frost Bank in San Antonio is a Microsoft 365 customer using all of the solution’s security and compliance components. To read more about Frost Bank’s customer success story, check it out here.
The bank was on a path to using Microsoft Teams, but when the crisis came, the migration timeline was accelerated almost overnight. Having an end-to-end solution with built-in compliance and data protection was a godsend, according to Glenn McClelland, Endpoint Architect at Frost Bank.
“We went from about 20% on the compliance score to 80 in the first 10 days, then the high 90s,” McClellan said. “Watching that compliance score throttle up in just over 10 days was a nice road map for us to get where we needed in a dire time of need.”
Supporting remote workers with security and compliance protections was seamless. Within a week, the bank had to support, secure and maintain compliance for more than 5,300 employees now working from home.
“We had to adjust to the fact that employees were not outside the walls of the bank,” McClellan said. “How could we make security and compliance follow them? It was easy when we used Microsoft Teams, and it was simple to layer Compliance Manager and other tools in our Microsoft 365 arsenal over Teams for highly secure and compliant collaboration.”
Taking the Next Step
Insider threats to compliance data protection were a growing problem before COVID-19. In the new workplace, their potential for damage is even more profound. Fortunately, organizations can take advantage of existing tools and technologies to achieve a cost-effective, unified and end-to-end approach to managing and mitigating insider threats.
For more information on how your organization can leverage advanced compliance solutions to address insider threats, please visit Microsoft.