Why OpenText
Why OpenText
Overview Why OpenText
OpenText brings decades of expertise to help you unlock data, connect people and processes, and fuel AI with trust
Manage and connect data
Unify data seamlessly across your enterprise to eliminate silos, improve collaboration, and reduce risks
AI-ready information
Get AI-ready and transform your data into structured, accessible, optimized information
Built-in security and compliance
Meet regulatory and compliance requirements and protect your information throughout its lifecycle
Empowering people
Overview Empowering people
OpenText helps people manage content, automate work, use AI, and collaborate to boost productivity
Customers
See how thousands of companies around the world are succeeding with innovative solutions from OpenText™
Employees
Our people are our greatest asset; they are the life of the OpenText brand and values
Corporate Responsibility
Learn how we aspire to advance societal goals and accelerate positive change
Partners
Find a highly skilled OpenText partner with the right solution to enable digital transformation
How we compare
Content Management
Service Management
Deploy anywhere
Overview Deployment options
Explore scalable and flexible deployment options for global organizations of any size
Sovereign cloud
Local control. Global scale. Trusted AI
Private cloud
Your cloud, your control
On-premises
Free up resources, optimize performance and rapidly address issues
Public cloud
Run anywhere and scale globally in the public cloud of your choice
Aviator AI
Overview Aviator AI
See information in new ways
OpenText™ Aviator AI
AI that understands your business, your data, and your goals
OpenText™ MyAviator
Say hello to faster decisions. Your secure personal AI assistant is ready to get to work
OpenText™ Business Network Aviator
Gain better insights with generative AI for supply chains
OpenText™ Content Aviator
Power work with AI content management and an intelligent AI content assistant
OpenText™ Cybersecurity Aviator
Improve your security posture with AI cybersecurity and agile threat detection
OpenText™ DevOps Aviator
Enable faster app delivery, development, and automated software testing
OpenText™ Experience Aviator
Elevate customer communications and experiences for customer success
OpenText™ Service Management Aviator
Empower users, service agents, and IT staff to find the answers they need
Aviator AI
Overview Aviator AI
See information in new ways
OpenText™ Aviator AI
AI that understands your business, your data, and your goals
OpenText™ MyAviator
Say hello to faster decisions. Your secure personal AI assistant is ready to get to work
OpenText™ Business Network Aviator
Gain better insights with generative AI for supply chains
OpenText™ Content Aviator
Power work with AI content management and an intelligent AI content assistant
OpenText™ Cybersecurity Aviator
Improve your security posture with AI cybersecurity and agile threat detection
OpenText™ DevOps Aviator
Enable faster app delivery, development, and automated software testing
OpenText™ Experience Aviator
Elevate customer communications and experiences for customer success
OpenText™ Service Management Aviator
Empower users, service agents, and IT staff to find the answers they need
Analytics
Overview Analytics
Predict, act, and win with real-time analytics on a smarter data platform
OpenText™ Aviator Search(AI)
Give users access to the answers they need, faster and easier, with multi-repository AI-based search that lets you contextualize everything from clicks to conversations
Business Network
Overview Business Network
Connect once, reach anything with a secure B2B integration platform
Content
Overview Content
Reimagine knowledge with AI-ready content management solutions
OpenText™ Content Aviator(AI)
Supercharge intelligent workspaces with AI to modernize work
Cybersecurity
Overview Cybersecurity
Integrated cybersecurity solutions for enterprise protection
OpenText Cybersecurity for SMBs & MSPs
Purpose built data protection and security solutions
OpenText™ Cybersecurity Aviator(AI)
Reinvent threat hunting to improve security posture with the power of agile AI
DevOps
Overview DevOps
Ship better software—faster—with AI-driven DevOps automation, testing, and quality
Experience
Overview Experience
Reimagine conversations with unforgettable customer experiences
Observability and Service Management
Overview Observability and Service Management
Get the clarity needed to cut the cost and complexity of IT operations
OpenText™ Service Management Aviator(AI)
Redefine Tier 1 business support functions with self-service capabilities from private generative AI
APIs
Overview APIs
Build custom applications using proven OpenText Information Management technology
OpenText™ Aviator Thrust
Build it your way with OpenText Cloud APIs that create the real-time information flows that enable custom applications and workflows
Device and Data Protection
Overview Device and Data Protection
Protect what matters, recover when it counts
Unified Endpoint Management Tools
- OpenText™ Endpoint Management
- OpenText™ ZENworks Suite
- OpenText™ ZENworks Service Desk
- OpenText™ ZENworks Configuration Management
- OpenText™ ZENworks Endpoint Security Management
- OpenText™ ZENworks Full Disk Encryption
- OpenText™ ZENworks Endpoint Software Patch Management
- OpenText™ ZENworks Asset Management
Solutions
Information Reimagined
Overview Information Reimagined
Get greater visibility and sharper insights from AI-driven information management. Ready to see how?
Artificial Intelligence
Overview Aviator AI
Break free from silos, streamline processes, and improve customer experiences with secure information management for AI
Industry
Overview Industry solutions
Improve efficiency, security, and customer satisfaction with OpenText
Enterprise Application
Overview Solutions for Enterprise Applications
Run processes faster and with less risk
Maximize sustained growth, value, and innovation with intelligent enterprise solutions from OpenText and SAP
Connect content to business processes for better productivity and stronger governance
Optimize Salesforce effectiveness by bringing together transactional data and unstructured content
Services
Services
Overview Services
Achieve digital transformation with guidance from certified experts
Professional Services
Modernize your information management with certified experts
Customer Success Services
Unlock the full potential of your information management solution
Support Services
Turn support into your strategic advantage
Managed Services
Extend IT teams with certified OpenText application experts
Learning Services
Discover training options to help users of all skill levels effectively adopt and use OpenText products
Professional Services
Overview Professional Services
Modernize your information management with certified experts
Customer Success Services
Overview Customer Success Services
Unlock the full potential of your information management solution
Support Services
Overview Support Services
Turn support into your strategic advantage
Managed Services
Overview Managed Services
Extend IT teams with certified OpenText application experts
Learning Services
Overview Learning Services
Discover training options to help users of all skill levels effectively adopt and use OpenText products
Partners
Find a Partner
Overview Find a partner
Information is the heartbeat of every organization. We build information management software so you can build the future
Cloud Partners
Overview Cloud Partners
OpenText partners with leading cloud infrastructure providers to offer the flexibility to run OpenText solutions anywhere
Migrate, optimize and manage information management solutions on AWS
Optimize performance and reduce costs with applications deployed on a secure, globally scaled platform
Accelerate migration and modernization with deployment in a highly secure and compliant public cloud
Enterprise Application Partners
Overview Enterprise Application Partners
OpenText partners with top enterprise app providers to unlock unstructured content for better business insights
Maximize sustained growth, value, and innovation with intelligent enterprise solutions from OpenText and SAP
Connect content to business processes for better productivity and stronger governance
Optimize Salesforce effectiveness by bringing together transactional data and unstructured content
Partner Solutions
Overview Partner Solutions
Discover flexible and innovative offerings designed to add value to OpenText solutions
Resources for Partners
Overview Resources for Partners
Discover the resources available to support and grow Partner capabilities
Support
Overview Customer Support
Get expert product and service support to accelerate issue resolution and keep business flows running efficiently
Resources
Overview Resources
Explore detailed services and consulting presentations, briefs, documentation and other resources
This page is available for the following regions.
Europe, Middle East and Africa
Asia–Pacific
What is an Insider Threat?
Overview
An insider threat refers to a cyber security risk that originates from within an organization. It typically occurs when a current or former employee, contractor, vendor or partner with legitimate user credentials misuses their access to the detriment of the organization’s networks, systems and data. An insider threat may be executed intentionally or unintentionally. No matter the intent, the end result is compromised confidentiality, availability, and/or integrity of enterprise systems and data.
Insider threats are the cause of most data breaches. Traditional cybersecurity strategies, policies, procedures and systems often focus on external threats, leaving the organization vulnerable to attacks from within. Because the insider already has valid authorization to data and systems, it’s difficult for security professionals and applications to distinguish between normal and harmful activity.
Malicious insiders have a distinct advantage over other categories of malicious attackers because of their familiarity with enterprise systems, processes, procedures, policies and users. They are keenly aware of system versions and the vulnerabilities therein. Organizations must therefore tackle insider threats with at least as much rigor as they do external threats.
Best practices of proven insider threat prevention
Types of Insider Threats
Malicious Insider Threats
Also referred to as a turn-cloak, the principal goals of malicious insider threats include espionage, fraud, intellectual property theft and sabotage. They intentionally abuse their privileged access to steal information or degrade systems for financial, personal and/or malicious reasons. Examples include an employee who sells confidential data to a competitor or a disgruntled former contractor who introduces debilitating malware on the organization’s network.
Malicious insider threats may be collaborators or lone wolves.
Collaborator
Collaborators are authorized users who work with a third party to intentionally harm the organization. The third party may be a competitor, nation-state, organized criminal network or an individual. The collaborator’s action would lead to the leak of confidential information or the disruption of business operations.
Lone wolf
Lone wolves operate entirely independently and act without external manipulation or influence. They can be especially dangerous because they often have privileged system access such as database administrators.
Careless Insider Threats
Careless insider security threats occur inadvertently. They are often the result of human error, poor judgement, unintentional aiding and abetting, convenience, phishing (and other social engineering tactics), malware and stolen credentials. The individual involved unknowingly exposes enterprise systems to external attack.
Careless insider threats may be pawns or goofs.
Pawn
Pawns are authorized users who have been manipulated into unintentionally acting maliciously, often through social engineering techniques such as spear phishing. These unintentional acts could include downloading malware to their computer or disclosing confidential information to an impostor.
Goof
Goofs deliberately take potentially harmful actions but harbor no malicious intent. They are arrogant, ignorant and/or incompetent users who do not recognize the need to follow security policies and procedures. A goof may be a user who stores confidential customer information on their personal device, even though they know it’s against organizational policy.
A Mole
A mole is an outsider but one who has gained insider access to the organization’s systems. They may pose as a vendor, partner, contractor or employee, thereby obtaining privileged authorization they otherwise would not qualify for.
How to detect an Insider Threat
Most threat intelligence tools focus on the analysis of network, computer and application data while giving scant attention to the actions of authorized persons who could misuse their privileged access. For secure cyber defense against an insider threat, you have to keep an eye on anomalous behavioral and digital activity.
Behavioral indicators
There are a few different indicators of an insider threat that should be looked out for, including:
- A dissatisfied or disgruntled employee, contractor, vendor or partner.
- Attempts to circumvent security.
- Regularly working off-hours.
- Displays resentment toward co-workers.
- Routine violation of organizational policies.
- Contemplating resignation or discussing new opportunities.
Digital indicators
- Signing into enterprise applications and networks at unusual times. For instance, an employee who, without prompting, signs into the network at 3am may be cause for concern.
- Surge in volume of network traffic. If someone is trying to copy large quantities of data across the network, you will see unusual spikes in network traffic.
- Accessing resources that they usually don’t or that they are not permitted to.
- Accessing data that is not relevant for their job function.
- Repeated requests for access to system resources not relevant for their job function.
- Using unauthorized devices such as USB drives.
- Network crawling and deliberate search for sensitive information.
- Emailing sensitive information outside the organization.
How to protect against insider attacks
You can protect your organization’s digital assets from an internal threat. Here’s how.
Protect critical assets
Identify your organization’s critical logical and physical assets. These include networks, systems, confidential data (including customer information, employee details, schematics and detailed strategic plans), facilities and people. Understand each critical asset, rank the assets in order of priority and determine the current state of each assets protection. Naturally, highest priority assets should be given the highest level of protection from insider threats.
Create a baseline of normal user and device behavior
There are many different software systems that can track insider threats. These systems work by first centralizing user activity information by drawing from access, authentication, account change, endpoint and virtual private network (VPN) logs. Use this data to model and assign risk scores to user behavior tied to specific events such as downloading sensitive data to removable media or a user logging in from an unusual location. Create a baseline of normal behavior for each individual user and device as well as for job function and job title. With this baseline, deviations can be flagged and investigated.
Increase visibility
It’s important to deploy tools that continuously monitor user activity as well as aggregate and correlate activity information from multiple sources. You could, for instance, use cyber deception solutions that establish traps to draw in malicious insiders, track their actions and understand their intentions. This information would then be fed into other enterprise security solutions to identify or prevent current or future attacks.
Enforce policies
Define, document and disseminate the organization’s security policies. This prevents ambiguity and establishes the right foundation for enforcement. No employee, contractor, vendor or partner should have any doubts about what acceptable behavior is as it relates to their organization’s security stance. They should recognize their responsibility to not divulge privileged information to unauthorized parties.
Promote culture changes
While detecting insider threats is important, it is more prudent and less expensive to dissuade users from wayward behavior. Promoting a security-aware culture change and digital transformation is key in this regard. Instilling the right beliefs and attitudes can help combat negligence and address the roots of malicious behavior. Employees and other stakeholders should regularly participate in security training and awareness that educate them on security matters, which should be accompanied by the continuous measurement and improvement of employee satisfaction to pick up early warning signs of discontent.
Insider threat detection solutions
Insider threats are more difficult to identify and prevent than external attacks. They are often below the radar of conventional cybersecurity solutions such as firewalls, intrusion detection systems and anti-malware software. If an attacker logs in via an authorized user ID, password, IP address and device, they are unlikely to trigger any security alarms. To effectively protect your digital assets, you need an insider threat detection software and strategy that combines multiple tools to monitor insider behavior while minimizing the number of false positives.
Related products
OpenText™ Core Behavioral Signals
Proactively detect insider risks, novel attacks, and advanced persistent threats
OpenText™ Cybersecurity Cloud
Defend with precision, secure with confidence
OpenText™ Core Adversary Signals
See how attacks are being carried out and what they’re targeting
