Following the recent Coinbase breach where hackers used bribes to gain access to sensitive customer data, I'm curious about what measures we as system administrators can put in place to prevent such incidents. Specifically, how can we minimize the risk of insider threats like this, and what strategies can we adopt to protect our companies and our clients' data?
3 Answers
Implementing strict access controls can help. For example, limit how many customer records a rep can access daily or only allow access upon triggering events, like calls. Additionally, enforce a clean desk policy to minimize data exposure.
Not outsourcing support would really make a difference. Keeping everything in-house helps maintain control over who has access to sensitive data.
Corporate will insist on their strategic goals that just don't match this. It's frustrating.
It's crucial to avoid letting too many individuals access customer records, and having strict logging of who accesses what can help. Management really needs to choose personnel wisely and ensure they're compensated adequately to minimize risks of theft.
I completely agree! Only letting techs access accounts tied to specific tickets is a smart move.