Insider Threat Management

5 Suggestions to Help you Integrate ITM in the Workplace

Maintaining a healthy business means you have strong security, full compliance, and the ability to prevent and resolve operational issues quickly and efficiently as they arise. Proofpoint is now a leading provider of server monitoring and auditing technology because it has helped companies do just that.5 Suggestions to Help you Integrate ObserveIT in the Workplace

Maintaining a healthy long-term business means having all of the above and a healthy work environment, where employees trust their employer and vice versa— the kind of trust that inspires people to pull together as a team and achieve company goals. The following is a list of ways to integrate Proofpoint ITM into your company’s network. Because while ITM yields security, transparency yields trust, and communication yields cooperation.

1. Communicate why your company has decided to implement ITM.

Most workers are aware of the very public and numerous security breaches reported in the last several years.  But do your employees understand the full repercussions of a breach? Legal fees, lawsuits, brand damage, tarnished reputations, customer withdrawal, staggering financial costs, loss of documents, legal records, and of confidential customer and employee information, are just some of the potential ramifications,.

Take this opportunity to talk with your team about the importance of network security. And then explain ITM. If people understand what is at stake, it is more likely they will be receptive to comprehensive monitoring.

2. Be straightforward and keep it personal.

Employees need to know what’s happening and why, in a way they can understand.  It’s a good idea to meet with your managers and encourage them, in turn, to meet with their teams, to discuss how your company plans to use ITM. Properly setting expectations that this technology will now be commonplace, and the reasons why, can go a long way to alleviating any concerns employees may have about privacy.

3. Convey what applications are being monitored.

This might be a good time to reiterate corporate policy. What are your expectations? What is acceptable and what is not?  Communicate what applications will be monitored. ITMoffers an INCLUDE/EXCLUDE capability that allows you to tailor what’s recorded. It’s likely you will have many applications that you won’t need to monitor. Communicate clearly and you’ll  enhance employee trust.

4. Reinforce why ITM benefits the company and them.

An excerpt in the Verizon 2013 Data Breach Investigations Report puts it well:

“All in all, 2012 reminded us that breaches are a multi-faceted problem and any one-dimensional attempt to describe them fails to adequately capture their complexity.”

Over the past 5 years, Proofpoint ITM has grown more than 3,500% because its comprehensive technology can see every angle. The camera doesn’t just monitor employees. It captures every action performed by developers, system administrators, employees, and remote vendors.

There will never be any question as to what transpired. In other words, your company won’t have to waste time and resources when getting to the bottom of a security case, and an employee is much less likely to ever be wrongfully accused.

5. Use examples to state your case.

Check out the case studies section on the Proofpoint website. Use examples of companies similar to yours that either suffered a breach, or implemented ITM and found that some of its third-party customers had been mishandling company information.

In some remote vendor monitoring experiences, vendors had attempted to disable the ITM agent to prevent session recording, but Proofpoint's watchdog mechanism prevented them from succeeding.

Some of the biggest breaches in history will hit close to home for some people. The 2013 Target security breach may be among the worst breaches in history, affecting as many as 110 million customers. The hackers used a stolen remote log-in account from a third-party vendor to access a contractor’s login information, where they tested their malware on a small number of Target’s registers totally undetected. It took three weeks to recognize the breach and the hacking software had already spread to a majority of Target’s systems.

Could ITM have prevented such a devastating failure? With most companies exposing their corporate networks to contractors, offshore support teams and outsourcing suppliers, the Target-type breach is possibility for many companies. Providing a precise replay of exactly what takes place during each remote user session is why ITM users can spend less time worrying about security breaches and more time focusing on their business.

Subscribe to the Proofpoint Blog