The Enemy Inside the Gates: Preventing and Detecting Insider Attacks
Source: SecurityFocus
It’s nine in the evening in your office building. Most people have gone home long ago, many of the office lights are off, and the janitors are quietly making their rounds. From a single, solitary cubicle comes the familiar blue glow of a computer screen along with the rhythmic tippy-tap of a keyboard. This could be the sound of a dedicated employee working late into the night. But it’s not. Quite the opposite, it is a trusted worker stealing valuable propriety information off the company’s network.
This scenario is becoming more and more common. In today’s information security climate, most of the resources are focused on firewalls and other methods of perimeter protection. The security strategy is aimed at keeping attackers from ever entering a specific network. But what happens when the attacker is already on the network? What happens when the enemy is already inside the gates?