As widely reported, the US government has called for the insider threat to be addressed by businesses and remedial security programmes developed accordingly.
According to Overtis, a user activity and management security specialist, it is renewing its advice to organisations to place user activity management at the heart of their information assurance strategies.
Overtis says that the US government memorandum outlines the measures to be taken to safeguard classified national security information in the wake of the WikiLeaks revelations.
Specifically, the US government is asking relevant agencies to complete information security assessments and identify any vulnerabilities by later this month.
Infosecurity notes that the self-assessment questionnaire includes the following queries:
- Does your agency have sufficient measures in place to determine appropriate access for employees to classified information in automated systems:
- When IT audit activities indicate that employees are exceeding or attempting to exceed their permissions?
- When IT audit activities indicate that removable media has been introduced and/or data is being written to removable media? and
- When IT audit activities indicate that preset thresholds have been exceeded or when employees `push' data over one-way transfer devices or when data-mining is indicated?
- How does your agency ensure access to classified information in automated systems is limited to those persons who (a) have received favourable determination of eligibility from the agency head or their designee, (b) have signed an approved non-disclosure agreement, and (c) have a need to know the information?
- How does your agency ensure that procedures are in place to prevent classified information in removable media and other media (e.g. back-up tapes, etc.) are not removed from official premises without proper authorisation?
Commenting on the US memorandum, Ed Macnair, Overtis' CEO, said that this is an extremely important document for government agencies and any organisation that values its data.
The reason it is important, he says, is that it recognises that the route to safeguarding classified or valuable information is to take a user centric approach.
"This is completely different to the out-dated alternative of implementing point product solutions that attempt to protect data from a network or gateway perspective", he said.
"The memorandum recognises that applying controls close to the user and monitoring and managing all interaction with information assets in real-time, is the only way to comprehensively protect against misuse or theft, particularly by trusted insiders", he added.