"Companies need to make it clear to their employees from day one that they are being monitored," Kerry Anderson, vice president, information security group, FMR Corp.
I found some interesting data about forms of insider threat that I am going to share in this post (21 Nov 2006 | SearchSecurity.com | By Bill Brenner, Senior News Writer).
Anderson, a vice president in the information security group at Fidelity Investments Brokerage Company, has seen a variety of troublesome insiders in her career. What are the types? Here they are:
1. There's the saboteur who tries to deface critical company data because they have an axe to grind against their bosses or fellow co-workers.
2. Then there's the sole living expert -- someone who has been around so long they think they own the network. They want everyone to be dependent on them, so they manipulate the network in a way to make other employees come to them to access certain pieces of data or perform certain network functions.
3. Finally, there are people who have what she calls the hero syndrome. They break something on the network so they can fix it and be seen as life savers.
"If something is breaking every three weeks and the same person is fixing it, I'd start taking a look at them," she said.
These threats can seriously damage companies, but whatever the insider's tactics or motives may be, Anderson said there are some common warning signs to look for:
1. Someone who isn't getting along with managers or co-workers and may be preparing to leave the company. If someone is leaving under unhappy circumstances, there's always the chance they could sabotage network data on the way out the door, she said.
2. Companies must also keep an eye on people who may start working hours when nobody else is around. Anyone who suddenly changes their normal work routine bears watching, Anderson said.
There are also some preventive measures:
a. "People need to understand that their computers are for business only and that they can be disciplined or even fired for using them for anything that isn't business related," Anderson said.
b. IT security professionals also need to watch for personal technology that could put the company at risk, she said. Cell phones with embedded cameras, for example, could be used to photograph and transmit sensitive data.
While these are important steps, Anderson acknowledged that companies can't prevent every insider-related incident.
"A lot of internal fraud goes unreported because it's embarrassing," she said.
If there is a security breach, companies must be honest about it and come clean publicly, she said. Otherwise, the company's reputation and the security of their customers could take a bigger hit later.
3 comments:
In this fraud world, all companies need one CIA to investigate their employees!
What can be the main reasons for such inside threats? Employees’ motivation, lack of security, poor training…
And will just having perfect IT security and monitoring employees' work be enough to avoid these inside dangers?
How does the law act against them?
For different types of insider threats, there are different reasons. For example, for careless employees who endanger the company's critical data, the reason is mainly lack of education and knowledge. On the other hand, for other types, as Kerry Anderson has explained, reasons can be hatred, hero syndrome, etc.
However, I believe that by creating good system security and also by understanding insider threats and employees' motives and tactics, we can lower the risk.
In different types of insider threat cases, the law acts differently. For example, in the case of careless employees, usually they don't compromise the company's network on purpose, thus in most of these cases they are innocent.