Encryption and the Insider Threat | Smart Thinking Solutions

Before I start this week’s Wednesday Bit, let me send you over to read this first – you need to understand the value I put on encryption:

Encryption or Not Encryption

The real-world case for encryption

The other week I got introduced to a new client under difficult circumstances – this is not something new in my line of work. Many clients come to me after they have a problem, not before (when we can put some cyber security cut-outs in place).

The basics of the issue was a senior member of staff had become an issue and we were trying to find a way through the incident – that meant I had to email one of the directors. After Diana and I had crafted our reply and before sending the email I fell back on my favourite cyber security tool – a cup of coffee and time to think.

The Real Insider Threat

As part of this incident, I had learnt that the member of staff had taken control of the M365 Global Administrator account – something they were perfectly entitled to do because of their position in the company – and that got me suspicious. To quote Spider-Man:

“With great power comes great responsibility.”

This person had already demonstrated a lack of responsibility – so I encrypted the Word document before emailing it to the director.

I was right!

My email was witnessed arriving in the director’s inbox but before they could read it, it was deleted – and not to the deleted items folder. Global Administrator gives someone unlimited rights in the organisation’s M365 but it should not extend to deleting other people’s emails because you do not want them to be read.

…and the password for the Word document?

If the person who deleted the email was hoping I was going to email over the password to the same account – something I have seen many, many times – they were disappointed. I sent that by text to a verified mobile number belonging to the rightful recipient of the email. I also resent the email to a private email belonging to the recipient.

Encryption Works

Encryption is a simple tool to add to your cyber security defences and it works in keeping things secret.

Clive Catton MSc (Cyber Security) – by-line and other articles

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.

The real-world case for encryption

The Real Insider Threat

I was right!

…and the password for the Word document?

Encryption Works

Further Reading