What is one security concern neglected during tough economic times? The resurgence of insider threats. A recent article in Computer World (IT Wary of Insider Attacks) brings this point into sharp focus.
Layoffs and job uncertainty contribute to stress and financial hardship. So it follows that an employee in a position of trust who feels about to be downsized out of work may either slam the door on the way out or take something marketable in lieu of pay – without bothering to gain permission.
Indicators of such betrayals of trust include people who start working long hours for no business reason or seek to gain access to networks, files, or business activities that would not normally fall within the purview of their normal duties.
What to do? Information technology professionals will lean in favor of more monitoring, usually with software or network administration tools – their comfort zone, as the article suggests.
However, there are more arrows in the quiver of the security manager. One of the best techniques for countering such vulnerabilities is to organize the work space to eliminate dark corners. This makes it difficult or impossible for any worker to hide or lurk alone in areas where he or she can take advantage of the employer’s resources. Another old-fashioned, low-tech tactic is to actually talk with employees, treat them decently, and still terminate their access to the employer’s crown jewels once it is necessary to let them go. Give them the severance package without forcing them to go through the motions of working for a final two weeks. Level with them and do your best to let them leave with a little dignity. This reduces ill feelings and gives them less motivation to seek out revenge through sabotage.
- Nick Catrantzos
Friday, October 31, 2008
Subscribe to:
Posts (Atom)
