ITM is an open framework - Submit your contributions now.

Insider Threat Matrix™

  • ID: IF004.002
  • Created: 31st May 2024
  • Updated: 22nd September 2024
  • Platform: MacOS
  • Contributor: The ITM Team

Exfiltration via AirDrop

A subject exfiltrates files using AirDrop as the transportation medium.

Prevention

ID Name Description
PV016Enforce a Data Classification Policy

A Data Classification Policy establishes a standard for handling data by setting out criteria for how data should be classified and subsequently managed and secured. A classification can be applied to data in such a way that the classification is recorded in the body of the data (such as a footer in a text document) and/or within the metadata of a file.

PV003Enforce an Acceptable Use Policy

An Acceptable Use Policy (AUP) is a set of rules outlining acceptable and unacceptable uses of an organization's computer systems and network resources. It acts as a deterrent to prevent employees from conducting illegitimate activities by clearly defining expectations, reinforcing legal and ethical standards, establishing accountability, specifying consequences for violations, and promoting education and awareness about security risks.

PV009Prohibition of Devices On-site

Certain infringements can be prevented by prohibiting certain devices from being brought on-site.