WORKFORCE CYBER
INTELLIGENCE AND SECURITY

BLOG

A Human-centric Approach to Operational Awareness and Risk Management.

World Backup Day: How Insider Threats Intersect with Data Backup and Best Practices for Insider Risk Management

World Backup Day is a great time to review the basics of backing up data, and looking ahead to 2022, insider risk management is one key areas to focus on when it comes to data backup. A backup is an additional copy of data and can include an array of corporate information like emails, messages, or even employee photos. Data backup is often used as a precaution in case there is loss, destruction or corruption of the original copy. As such, many organizations prioritize backing up data and view it as a worthwhile practice. However, there are some new things enterprises should consider when it comes to backing up corporate data in today’s digital and distributed workplace.

Today we sat down with Armaan Mahbod, Director of Security and Business Intelligence, Counter-Inside Threat here at DTEX Systems, to discuss best practices for insider risk management in the context of data backup and how workforce cyber intelligence can protect against insider risks and threats.

When it comes to data backups, how can organizations determine an employee’s intent to protect against data exfiltration?

At the most basic level, anyone who handles data is an insider risk. In the post-pandemic era of hybrid work, users are unnecessarily backing up data due to a lack of understanding from or trust in their IT systems and staff. In fact, our 2022 Insider Risk Report identified a 72% year-over-year increase in actionable insider threat incidents.

What differentiates insider risk from insider threat is intent. Sometimes, back up and data activities are intentionally done with good intent. Other times, these threats are characterized by malicious intent with plans to execute actions to steal or release data or sabotage corporate systems. To evaluate intent, it’s important to look at how the individual normally performs these behaviors related to data backup and compare it to the actions around what they did today.

Regardless of their security maturity journey, it’s critical for organizations to understand the who, what, why, where, and when: knowing where the data came from, who has interacted with it, the sensitivity of the content, and more.

While we’re talking about insider threat, what are the important questions organizations and security teams should be asking themselves when evaluating their backup strategy?

World Backup Day is a great reminder for organizations to take a step back and evaluate their backup approaches, which should be simple in most cases. Organizations utilizing cloud-based tools should already have content backed up for all users. If company data is server based, there should be a separate mechanism in place. Regardless of the backup process, employees do not need to utilize other mechanisms to access data unless their function explicitly requires it.

That said, the DTEX i3 team is seeing an increase of users backing up data unnecessarily. When evaluating their backup strategy, organizations should be asking themselves questions such as:

  • How effective is my internal communication around data backup and security?
  • Have our IT and security teams considered hosting a company-wide training on data backup and proper ways to access company data?
  • Where is this backup data being stored? (local, offsite, virtual)
  • What is our solution to protecting data backup files?

Celebrate World Backup Day the right way this year by ensuring your backed up data is protected from insider risks. Reach out to our team today to learn more about how DTEX can help you manage insider risks and secure your workforce.