10 things that any business can do to fight the insider threat – cybersecurity

protect your business informationWe have all heard about the threat to an organisation that a staff member can do.   From having stealing critical information, running an embezzlement scheme or just being a pain in the ass, an insider threat can cripple an organisation in a minimum amount of time.

So what can you do to protect yourself from an employee going rogue?

Background checks

It is critically important, in today’s business world that you make sure you are getting the person that appears on paper.   So after the basic weeding out process and before the offer of the interview you need to check the truth behind the resume.   In most cases, a quick check of references and a look at social media will give you an inkling into a person’s character, capability and attitude.   If there are no obvious contradictions then it is safe to proceed to the next level.   (You could also use a psychology test as supplied by www.thewhitehousereport.com.au)

In addition to this when someone leaves, cancel their access as soon as possible.   Relationships can sour and it is best that when someone has left that they no longer have access to any part of the organisation.

This is doubly important, if you are firing someone.   Before you go through the actual process of firing them make sure they have no access to your systems.

Acceptable use

The insider can quite easily steal your time and money by not actually doing anything illegal.   Staff members who spend a lot of time on social media, especially when they are supposed to be working can have a detrimental effect on not only the business but also on staff morale.

Make sure that you have policies in place that specifies what people can and cannot do with business assets.

Least privileges

Staff members should only have access to information that they need access to do their jobs.   In the case of small and medium business, you have to make a conscious decision that you cannot trust everyone.   By not trusting everyone you are actually protecting your business.   The larger the organisation the more need there is to separate working areas and capability.

Administrator privilege

In any Organisation there should be only a minimal number of administrators.   In most areas there is a need to ensure that staff and users only have access to what they need to do the job.   The administrator account should not be used except for administration.   It should never be associated with an email or webmail account.

All administrators should have separate logins to do normal work.   This reduces the risk of being compromised as well as ensuring that only minimal access to the administration of the business.

Separation of duties

In a really small organisation this is very hard to do but in larger Organisations there should be an action process to spend money from credit cards and bank accounts.   There should be a separation to ensure that one person is not authorizing and acquitting invoices and payments.

Job rotation

There are 2 reasons for this.   It allows you to build resilience into the business because a backup person has access to the processes that the business needs in an emergency.   The second reason is it allows for training of personnel in the roles and as an audit.

Mandatory holidays

Everyone needs to go on holiday.   In most cases 2 – 4 weeks is mandatory.   It allows for recharging batteries as well as protecting the organisation from someone going rogue.

Auditing

Most if not all accounting packages have an auditing feature.   This feature needs to be running at all times to ensure that you can check all transactions occurring within the organisation.

Auditing can also be employed to track other components of the business including information being passed through email, cloud based technologies and cloud based storage.

Data loss prevention technologies

There are number of software packages and hardware systems that allow you to monitor and manage information leaving your organisation.   From restricting USB devices, to cloud storage systems are available to ensure that your trade secrets are not leaving your organisation.

End point protection

This last point is more a solution to one of your people getting infected through malware.   If you have done all of the other nine point’s then malware will have little impact on the organisation if it does get past the end point protection systems.

In addition there should always be 2 levels of end point protection – at the firewall and on the devices, preferably using different vendors.   If malware gets past one it may not get past the second.

These 10 Ideas will ensure that your organisation is better protected from an attack from an employee or staff member.

Roger Smith is the CEO of R & I ICT Consulting Services, Amazon #1 selling author on Cybercrime, author of the Digital Security Toolbox and author of the SME Digital Security Framework.   He is a Speaker, Author, Teacher and educator on cybercrime and how to protect yourself from the digital world.

Posted in IT Security, Managed Security Services, Managed Services, Security Advice, Trouble Free Technology and tagged , , , , , , , , , , , , .