Dealing with the insider threat

February 2017 Information Security, Infrastructure

The threats to businesses from insiders covers areas such as malware deployment, but also fraud and sharing of company data with unauthorised third parties. When looking at insider incidents, research company Gartner says about 62% of these involve employees looking to establish a second stream of income from their employer’s data, while 29% steal information when they leave to help them in the future. Only 9% are saboteurs.

Protecting your business from threats like these, even simply preventing someone from taking a customer contact list, is not that easy in an environment where data is freely available. Employees often have customer lists, business plans and other sensitive data on mobile devices – laptops, tablets and smartphones – which is reasonable as it can assist them in making sales and servicing customers. But how does a business ensure this data does not end up supporting a competitor’s organisation?

Teramind has developed a range of solutions to combat the insider threat. The solutions are available either as a hosted or on-site system, where employees and data are automatically monitored. The cloud and on-site systems function identically. Moreover, the company is also pushing out a series of behavioural analytics that can identify suspicious behaviours and raise an alert, or even lock down the suspected user.

The employee-monitoring solutions are installed on users’ computers and monitor everything they do, from application usage through to email, even including web-based email offerings like Gmail. Management is able to draw reports and trends of behaviour, while ensuring that specific data is not sent out of the company.

Teramind’s behaviour monitoring application is able to create a baseline of acceptable behaviour for users, highlighting any anomalies and reacting in accordance with company policy – which could allow manual or automatic lockdown in extreme cases. This year will also see the company releasing departmental monitoring, which monitors standard behaviours in departments, again reacting to anomalies as prescribed in the client’s policy.

Administrators are also able to customise their monitoring applications, to exclude Gmail from the monitoring process, for example.

The company is running a pilot site in South Africa and is expanding its reach in the region. Currently, local companies offering the Teramind solution include Telecommunications Solutions (crispin@telecommunicationsolutions.co.za) and infoGuardian (dylan@infoguardian.com)





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Cybersecurity needs actual intelligence before artificial intelligence
Information Security AI & Data Analytics
Cybersecurity depends on interpretation. A tool can tell you that something unusual has happened, but people need to determine whether it is a genuine risk, the business impact, and how to respond without causing unnecessary disruption.

Read more...
Duxbury Cybersecurity sharpens reseller offering
Duxbury Networking Information Security News & Events
Duxbury Networking has strengthened its Duxbury Cybersecurity business unit by adding WatchGuard and Cynet, giving South African resellers broader, more integrated coverage for the security risks customers are now asking them to address.

Read more...
NEC XON detects and stops ransomware attack
NEC XON Information Security IoT & Automation
Ransomware attacks rarely begin with chaos. More often, they start quietly, with probing, mapping, and patient reconnaissance inside a target’s network. That was the situation facing a global recruitment firm when cybercriminals attempted to navigate its systems.

Read more...
Sara AI Pentesting available in South Africa
Information Security News & Events
Synack and Wolfpack Information Risk are offering Sara AI Pentesting to organisations across South Africa, helping companies move from point-in-time testing to continuous security validation with AI and human expertise.

Read more...
Sophos establishes South African legal entity to strengthen local operations
News & Events Information Security
Global cybersecurity company, Sophos, has announced the formation of its local legal entity, which will support local invoicing, partner enablement, compliance requirements and expanded regional investment.

Read more...
From drone market growth to application-level commercialisation
IoT & Automation Infrastructure
After years of pilot projects and technology validation, the question for the market is shifting from whether drones can fly safely and collect data, to where they can deliver repeatable operational value at scale.

Read more...
Cybersecurity in a digitally connected security industry
SA Technologies Information Security IoT & Automation
As more organisations move towards digital visitor management, cloud-based access control, mobile applications, biometric verification, and connected security platforms, cybersecurity must be viewed as part of the full security environment.

Read more...
Enterprises must prepare for digital conflict
Information Security
Cyberattacks can be launched remotely and at scale. A coordinated attack launched from anywhere in the world can disrupt supply chains, shut down utilities, or expose millions of customer records within minutes.

Read more...
AI-enabled NVR for Milestone XProtect
Surveillance Infrastructure Products & Solutions
As surveillance environments continue to grow in scale and complexity, organisations need infrastructure that is easy to deploy, simple to manage, and ready for AI-driven workloads.

Read more...
71% of organisations suffered an identity breach
News & Events Information Security
The State of Identity Security 2026 report from Sophos finds human error and poor non-human identity management are the root causes of most attacks, as agentic AI accelerates the risk.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.