July 15, 2017

[FREE E-Book PDF] Insider computer fraud

Insider computer fraud an in depth framework for detecting and defending against insider it attacks

Insider is defined as “one who has special knowledge or access to confidential information” and threat is defined as “an expres- sion of an intention to inflict pain, injury, evil, or punishment; an indication of impending danger or harm; or one that is regarded as a possible danger.” Putting this together, an insider threat is anyone who has special access or knowledge with the intent to cause harm or danger.

Depending on the levels of access someone has, there are different categories of insider:

  • Pure insider : is an employee with all the rights and access associated with being employed by the company.Typically, they have keys or a badge to get access to the facility, a logon to get access to the network, and can walk around the building unescorted.They can cause the most damage because they already have most of the access they need.
  • Insider associate : Insider associates are people who have limited authorized access. Contractors, guards, and cleaning and plant services all fit under this category.They are not employees of the company and do not need full access, but they need limited access.  
  • Insider affiliate : An insider affiliate is a spouse, friend, or even client of an employee who uses the employee’s credentials to gain access.This can be as simple as a friend coming to visit you, so you get them a badge for the building. When you take a phone call they go to use the rest room and on the way back they wander around looking at what is on people’s computers and on their desks. While this can cause some problems it can usually be controlled. 
  • Outside affiliate : Outside affiliates are non-trusted outsiders who use open access to gain access to an organization’s resources.Today, one of the best examples is wireless access. If a company sets up an unprotected wireless access point, what stops an outsider from connecting? Nothing.Therefore, if an outsider is sitting at a Starbucks across from your office building and connects to your wireless network, are they breaking into your network? No.You are leaving the door wide open and they are wandering in.This is the same as leaving the front door unlocked with no access controls or guards, allowing anyone to walk in off the street. 

0 Comment:

Post a Comment

Comment are ♥♥♥