TechWeb's Internet Evolution Debuts 'Mitigating the Insider Threat' Video Tutorial

IT-Harvest's Richard Stiennon cites "privileged" users as major vulnerability, calls for more effective monitoring, stringent enforcement of acceptable-use corporate computing policies

Apr 16, 2009

Enterprises face innumerable external threats -- hackers, viruses, organized cyber-criminals -- but companies also need to protect themselves from internal threats in the form of their own users, says Richard Stiennon, chief research analyst for the IT-Harvest consultancy. And that includes everyone from the CEO to the IT department and the average departmental desktop, he notes, in a video tutorial posted today on the Internet Evolution Website.

  Click here to view the 12-part tutorial:

Stiennon also points to "privileged" accounts owned by administrators and the accounts used by programs or servers to communicate with one another, also known as "super-user" accounts, as particular liabilities. That leads to "no accountability, no logging of individual behavior, no control, which grants plausible deniability to anyone who abuses those access privileges." Getting a firmer grip on these privileged accounts is one of the key challenges in fighting insider threats.

Stiennon encourages enterprises to enlist their intrusion detection systems (IDSs) to provide alerts on network and application activity that indicate insider abuse: file transfers, use of scanning tools, unusual behavior at odd times of day. "If you have a security information system that can filter logs and alerts, use it to give you better pattern recognition," Stiennon advises. "Use your desktop configuration tools to lock down desktops."

Stiennon also offers these recommendations where locking down internal data is concerned:

  --  Identity and Access Management (IAM) tools, which include
      authentication, provisioning, entitlements, alerting, reporting, and
      compliance, are required in order to see and control who has access to

  --  Encryption, long thought to be a catch-all protection, is of limited
      usefulness, since the insider can still see sensitive data and, in
      turn, send credit card numbers via SMS to an accomplice, for example.

  --  Let users know you're watching them. Remind them about acceptable use
      and confidentiality policies, and then alert them every time they
      attempt to violate the policy, whether it's browsing an inappropriate
      Website, using Skype or AIM, or accessing Web-based email.

Economic disruption leads to increases in malicious insider activity as well, and the attending economic uncertainties and smaller budgets often make it hard to implement new protections, according to Stiennon. "You can still do a lot to counter the inside hacker with tools at hand. You just have to use them."

About Internet Evolution

Internet Evolution is part of TechWeb, and hosts more than 140 world-famous Internet experts -- such as Kevin Mitnick, once the most-wanted computer hacker in the world; Dr. Lawrence Roberts, inventor of packet switching, and one of the world's foremost authorities on telecom network architectures; Vint Cerf, Vice President and Chief Internet Evangelist for Google; and Craig Newmark, the founder of -- all of whom are addressing today's critical socio-economic issues within its ThinkerNet blogosphere. In March 2009, Internet Evolution won three prestigious Min's Best-of-Web awards, including Digital Team of the Year, Best Community/Social Networking Site, and Best B2B Magazine-Branded Video.

About TechWeb

TechWeb, the global leader in business technology media, is an innovative business focused on serving the needs of technology decision-makers and marketers worldwide. TechWeb produces the most respected and consumed media brands in the business technology market. Today, more than 13.3 million* business technology professionals actively engage in our communities created around our global face-to-face events, Interop, Web 2.0, Black Hat, and VoiceCon; online resources such as the TechWeb Network, Light Reading, Intelligent Enterprise, and The Financial Technology Network; and the market-leading, award-winning InformationWeek, TechNet Magazine, MSDN Magazine, and Wall Street & Technology magazines. TechWeb also provides end-to-end services including next-generation performance marketing, integrated media, research, and analyst services. TechWeb is a division of United Business Media, a global provider of news distribution and specialist information services with a market capitalization of more than $2.5 billion.

*13.3 million business decision-makers: based on number of monthly connections

About United Business Media Limited

UBM (UBM.L) focuses on two principal activities: worldwide information distribution, targeting and monitoring; and, the development and monetisation of B2B communities and markets. UBM's businesses inform markets and serve professional commercial communities -- from doctors to game developers, from journalists to jewelry traders, from farmers to pharmacists -- with integrated events, online, print and business information products. Our 6,500 staff in more than 30 countries are organised into specialist teams that serve these communities, bringing buyers and sellers together, helping them to do business and their markets to work effectively and efficiently. For more information, go to

  Amy Averbook
  TechWeb's Internet Evolution
  (212) 925-0020 x112

SOURCE: Internet Evolution

CONTACT: Amy Averbook, TechWeb's Internet Evolution, +1-212-925-0020