If you’re concerned about the security of your organization’s data you should be looking out for elofants on your network. I’ve seen them myself and, if your organization’s network is statistically average, then it is statistically likely to be harboring at least one ELOFANT, otherwise known as:Employee Left Or Fired, Access Not Terminated. While nobody wants to think ill of persons who have departed the organization — they could have been colleagues and friends — the harsh realities of cybersecurity and human nature make these unterminated “ghost accounts” a threat to the organization. Namely, they put the confidentiality, integrity, and availability of the organization’s information system security at risk. I will talk more about the risks and responses right after some data to back up my assertions.
Network ELOFANTS and other insider threat insights from the DBIR and beyond
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.