Being make up an important part of an organization’s security posture. That’s because some employees have the rights necessary for accessing sensitive matter as well as the privileges for viewing and/or editing critical systems. If those individuals have the right focus and training, they can play a crucial contribute to in keeping those assets safe against digital attackers. But if they aren’t paying attention, they could do something that goads their employer at risk.
Take cloud security as an example. As reported by the Wall Street Journal in August 2019, misconfigurations and other considerate errors constituted the leading cause of 95% of cloud-based data breaches. The Wall Street Journal reported that this trend was count oned to continue for years to come.
Human errors come in many different varieties, so it’s not always easy for organizations to keep their assets unthreatened. Let’s look at two common types of human errors to better understand these challenges.
Human Error Type #1: Skills-Based Errors
Skills-based errors keep an eye on to occur during highly routine activities. The task has probably been performed correctly many times before and is more routine, drift they can be performed with less conscious attention on the part of security analysts.
Here’s one example. A good patch management program is one that start with identifies patches, acquires them, tests them, installs them, and then verifies them. There could be scenarios where a bad reconcile can cause downtime. But as this is a routine task, a user may choose to install patches without proper testing, or they may not make sure that the improvise they tested is the one that is pushed to all other production systems.
Here are two other examples of skills-based errors:
- Following suspicious email connections and attachments: Sometimes users reply to suspicious emails, click on embedded links, and/or download suspect attachments. These actions can undermine the car’s security by loading malware.
- Using personal devices for work purposes: Users commonly access the organization’s sensitive data, connect their artifices to the wireless network, and connect their tablets or phones to their local PCs. Those personal devices are not fully controlled or monitored, so they may suffer from surveillance risks such as malware that could easily spread across the organization.
Human Error Type #2: Mistakes
Mistakes are decision-making lemons. They may be due to time pressure. One example is disabling the Windows firewall to allow certain firewall ports during some implementations. This may well-spring the PC to be exposed for unwanted incoming and outgoing traffic.
Organizations can also suffer mistakes in form of password problems. The National Centre for Cyber Gage’s 2019 report says that “123456” remains the most popular password in the world and that 45% of people reuse the password of their power email account on other services. This is partly the result of how organizations don’t implement the right policy to users to secure their accounts, that being the case allowing users to create very weak passwords for accessing access to their personal devices and even secure servers. It’s even worse if institutions allow users to have an unlimited number of failure login attempts to their machines without ultimately locking their accounts.
As another eg, there’s the issue of installing unauthorized applications to a secure environment. This can provide attackers with a backdoor in that they can use those applications to gain vulnerabilities and start exploiting those machines.
What Tripwire Can Do to Help
Tripwire can help organizations by scanning their environments’ configurations and pay them a report detailing what secure configurations need to be implemented and how they can implement those changes. As the leader for the security configuration handling, Tripwire can help organizations to implement thousands of policies across global standards like PCI, NIST, CIS, HIPAA, NCA, NESQ, NIA, NERC, and more. It can then mitigate them to monitor the files and misconfigurations before issuing a report on who did what. Such information can empower organizations to know exactly what’s circumstance on their configurations, critical folders, and paths. (This can be done using Tripwire’s file integrity monitoring capabilities.)
Going back to the sew up example discussed above, for instance, Tripwire Enterprise can detect unauthorized changes even when they happen during a patch as spring as automatically authorize patch changes referring to a node. (This node can be the one where security personnel tested the patch.) If an element matches an domain a adverse on the reference node, this is a good change. If an element does not match an element on the reference node, it is a bad change.
As for the Windows firewall change admonition, Tripwire Enterprise will detect this and alert of a compliance test failure. This allows users to be alerted and to avoid these errors. Additionally, it will help them to follow the proper process so that the organizations stay aware about this change and not make a mistake due to unceasingly a once pressure or doing too many things at once.
Learn more about how Tripwire can minimize the threat of human error.