With the sudden shift to telework in recent months, many aspects of cybersecurity have changed. In the case of insider threats, the focus has shifted to the unintended consequences of having everyone accessing sensitive data from home. Since September is National Insider Threat Awareness Month, it’s a great time to break down why securing tablets and smartphones is a major part of preventing insider threats.
The National Insider Threat Task Force (NITTF) defines an insider as “any person with authorized access to an organization’s resources.” Whether it’s from the Department of Defense (DoD) or the Department of Homeland Security (DHS), efforts to combat insider threats have focused on suspicious activities, such as misuse of classified information. The reality is, insiders, more often than not, become threats unintentionally – whether it’s by clicking on a phishing link or downloading malware to their smartphone. This can also happen when the user unknowingly downloads an app that shares personal or location data with servers in countries that pose a risk.
Mobile security may not have been previously prioritized as part of an organization’s security strategy. But as federal employees continue to access sensitive information from home and using their mobile devices, this has to change. Federal agencies must implement comprehensive mobile security adhering to a Zero Trust framework with continuous monitoring of the devices’ health.
We behave differently on mobile devices
While both mobile devices and desktops can have the same access to agency data, what sets mobile apart is the way we use them. Because we carry them around with us all the time we consider them to be a trusted device. This means we react to messages more casually, including phishing messages – potentially putting ourselves and our organizations at risk. It doesn’t help that there are now endless ways for phishing links to be delivered to a mobile device, from SMS, to social media and messaging apps. Phishing attacks are also harder to spot due to the smaller screen and simplified user experience, which hides a lot of the tell-tale signs we have been trained to look for on a desktop.
These threats continue to grow and cannot be ignored – federal government mobile phishing encounter rates rose from 17 percent in the final quarter of 2019 to 40 percent in the first quarter of 2020. As agencies look to protect data against insider threats on mobile devices, they need to tackle two areas: workforce education and mobile security. Agencies need to make sure their workers recognize mobile-specific threats and know how to identify common indicators of phishing attempts.
Agencies also must protect devices with a strong mobile security strategy that encompasses all threats, from app, device, phishing and network. Comprehensive mobile security protects against insider behaviors like clicking and sharing links loaded with malware.
Trust no devices
Not all mobile security solutions are equal and adopting a Zero Trust strategy is essential. Zero Trust approaches have gained momentum in recent months, especially through initiatives like NIST’s Zero Trust Architecture, and they’re critical to defending against insider threats.
Traditional security models default to trusting all devices inside the network, leaving the network open to internal misuse. At the same time, typical identity access management solutions only renew identity tokens every 24 hours. This can be long enough for a breach or significant data loss to occur.
A Zero Trust approach offers greater control over who is accessing an agency’s network by continuously monitoring the health of all devices accessing the network. Security can be compromised by insider threats coming from all devices, including mobile, making it essential to constantly validate all users and all devices. By only allowing device access when they are free from compromise, agencies ensure only healthy devices connect to platforms storing sensitive data.
You need to permanently secure your teleworkers
National Insider Threat Awareness Month is a reminder of the importance of detecting, deterring and tracking dangerous insider threats.
While the coronavirus pandemic accelerated the shift to telework and increased mobile device use, this is nothing new. A lot of your workers have already been working outside your office perimeter for a while now.
With telework not going anywhere, it’s critical that agencies continue to educate their workers to stay vigilant of mobile-targeting threats, implement robust mobile security solutions and adopt a Zero Trust security strategy. These approaches will mitigate insider risks and prepare agencies for a dynamic and unpredictable security landscape.