How to protect yourself from insiders?

U

Ulrich2016-04-13 06:40:56

Information Security

Ulrich, 2016-04-13 06:40:56

Professionals, we need your help!
We have: a small company (up to 60 people), engaged in geology and geodesy. I am admin. Management suddenly decided that it was time to protect themselves from information leaks, in particular from insiders. Budget: 0 rubles, i.e. using commercial solutions is not an option. Broken even more so. Don't offer to quit either :) Two children, a loan, you know. Interested in specific methods of dealing with leaks "on their own". The servers are all on Linux.
Here's what I came up with:
1) Turn off the Internet for those employees who, in principle, do not need it. For the rest, use whitelists of sites.
2) Access to the ball "work" only for those who have access (geologists and surveyors), the rest of the staff to close.
3) Remove old projects from the "work" folder, leaving only the current ones. Old archived, also with limited access.
4) Use only corporate mail (now half of the employees use mail.ru)
5) Prohibit writing to physical media (already done using group policies)
6) SAMBA audit (who opened which files, deleted them, etc.)
What other real methods you can offer?
Comrades, let's get to the point! It is clear that we will not be able to protect ourselves 100%, but to the maximum complicate attempts to steal documents

Reply

Answer the question

In order to leave comments, you need to log in

5 answer(s)

O

Olya Minzyuk, 2016-04-13
@ulrich-schnauss

Here is an approximate list of internal documents that you should have:
Regulation in which you determine the composition of information that is confidential to your organization;
Regulation on the preservation of confidential information;
Instructions on the procedure for allowing employees to access information constituting confidential information;
Regulations on special office work and document circulation;
Regulations on work with foreign clients and their representatives;
The obligation of the employee to maintain confidential information;
Reminder to the employee on the preservation of trade secrets.
Also, if I were you, I would include a clause on the preservation of confidential information in the contract with counterparties (For example, sanctions are prescribed when a threat to confidential information is realized).
In general, it is reasonable to approach the construction of a system for protecting information from insider from the point of view of law, organizational measures, and software and hardware solutions.
Here is a good textbook on information security, although it is from 2004, but the main points are well spelled out lc.kubagro.ru/zi.pdf
research, it accounts for the bulk of the loss of confidential information).

V

Vladimir Kuts, 2016-04-13
@fox_12

Management suddenly decided it was time to protect themselves from information leaks

A venture doomed to failure.

E

e2-e4, 2016-04-13
@e2-e4

Internal regulations, SIEM (available open source), training, personnel testing, DLP, email archive, network separation

M

mace-ftl, 2016-04-13
@mace-ftl

In such a situation, I myself wrote a DLP system, and there is a lot of software on the topic)))
Are there security guards in the office at all? For if not, then it’s stupid for you to have an additional hemorrhage, even if the solution is free - then monitor the data with your hands anyway ...
If it only increases the amount of work for you, but doesn’t increase your salary - I don’t recommend doing anything at all, oddly enough - they will appoint you as extreme

A

Alexey Ulyanov, 2016-04-21
@mercury4

The document management system with the differentiation of rights, the history of views and edits is also a useful tool. But I'm not sure that there are free worthy options.