The DTEX i3 team has issued a new Threat Advisory following recent investigations linking the use of multiple personal accounts on corporate devices with side gigs and the spread of extremist materials.
The i3 Threat Advisory highlights how lenient security policies surrounding personal accounts and corporate data are making organizations more vulnerable to data loss, including unauthorized and accidental disclosure.
The normalization of hybrid workforces has seen an increase in the intermingling between employees’ corporate and personal identities. As organizations strive to ensure a productive work environment, many are allowing access to personal webmail on corporate assets at the expense of security.
The Threat Advisory along with last year’s Okta customer support breach, where an employee’s compromised credentials on a personal device led to data exposure for 134 customers, highlights the importance of segmentation of personal and work life.
Specific cases investigated by the DTEX i3 team include:
- Links to extremist groups – in one investigation, an employee used their employer’s infrastructure plus multiple personal webmail accounts to spread extremist material. After further investigation it was discovered that the employee was quietly supporting a terrorist organization and actively distributing Jihadi propaganda and training material.
- Side gigs – several investigations have seen employees perform side jobs during business hours. Examples of side jobs include realty, selling/reselling cigars, or other goods, taking on government contracts, having a second job in the same field as their current job and using corporate R&D for their side gigs.
Early Detection for Data Loss Prevention
The DTEX i³ Threat Advisory includes actionable insights for mitigating the risks associated with the use of multiple identities, including:
- Monitoring for use of personal webmail
- Providing targeted security awareness training and education on the risks
- Providing all employees with corporate devices to perform their work duties
- Limiting access to corporate data and assets from non-corporate assets
- Allowlisting corporate mail applications and websites on corporate devices.
DTEX customers can also access unique potential risk indicators to plug directly into the InTERCEPT™ platform via the customer portal.
Read the full Threat Advisory on Detecting the Use of Multiple Identities or, alternatively, Contact i3 to request a Threat Briefing.