by mike_d
1933 days ago
In the vast majority of situations where I have seen unauthorized use of data in this fashion it was customer support people. All the encryption in the world doesn't help if you build tools that allow relatively low paid and under-trained employees to access the data at will.

Effective things you can do to reduce risk:
- Deploy honeypot accounts that email multiple people if they are accessed
- Create a two-man system that requires a second person to approve "risky" things
- Require a 2FA token for your internal tools
- Email the user when they log in from a new IP address
- Have support staff use two different browsers - one to access the ticket system and another to access internal tools
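
The honeypot-account alert from the list above, sketched as an added example that is not part of the original comment: it scans an audit log from an internal support tool for any access to decoy accounts and builds one alert addressed to several recipients per staff member. The log format, account IDs, staff IDs and addresses are all constructed assumptions, and the messages are built but not sent.

```python
import json
from email.message import EmailMessage

# Assumptions: decoy account ids and alert recipients are constructed values.
HONEYPOT_ACCOUNTS = {"acct-90017", "acct-90342"}
ALERT_RECIPIENTS = ["security@example.com", "support-lead@example.com",
                    "oncall@example.com"]

# Constructed audit log of a hypothetical internal support tool (JSON lines).
SAMPLE_LOG = """\
{"ts": "2024-05-01T09:14:02Z", "staff": "agent17", "action": "view_account", "account": "acct-10233", "ticket": "T-5521"}
{"ts": "2024-05-01T09:20:45Z", "staff": "agent04", "action": "view_account", "account": "acct-90017", "ticket": null}
not-json garbage line
{"ts": "2024-05-01T09:21:10Z", "staff": "agent04", "action": "export_messages", "account": "acct-90017", "ticket": null}
{"ts": "2024-05-01T10:02:31Z", "staff": "agent22", "action": "view_account", "account": "acct-90342", "ticket": "T-5530"}
"""

def find_honeypot_hits(log_text):
    """Return audit events that touch a honeypot account; skip bad lines."""
    hits = []
    for line in log_text.splitlines():
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # a corrupt line must not stop the scan
        if isinstance(event, dict) and event.get("account") in HONEYPOT_ACCOUNTS:
            hits.append(event)
    return hits

def build_alerts(hits):
    """Build one message per staff member, addressed to every recipient."""
    by_staff = {}
    for e in hits:
        by_staff.setdefault(e.get("staff", "unknown"), []).append(e)
    alerts = []
    for staff, events in sorted(by_staff.items()):
        msg = EmailMessage()
        msg["To"] = ", ".join(ALERT_RECIPIENTS)
        msg["Subject"] = f"Honeypot account accessed by {staff} ({len(events)} events)"
        msg.set_content("\n".join(
            f'{e.get("ts")} {e.get("action")} {e.get("account")} ticket={e.get("ticket")}'
            for e in events))
        alerts.append(msg)
    return alerts

if __name__ == "__main__":
    for alert in build_alerts(find_honeypot_hits(SAMPLE_LOG)):
        print(alert["Subject"])
```

Any hit is treated as alert-worthy, including the one that carries a ticket number, because no real customer owns a decoy account.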