Could Your Company Handle an Insider Threat?

If you’ve been following my writing, you know that I believe one of the biggest security threats a company may face is not from outside sources—it’s from their own employees (or former employees). Many companies think they are prepared to handle an insider threat, but are they?

Here are the 5 things your company should be doing in order to avoid an insider threat:

Conduct Background Checks

Be sure to have a standard screening policy in place that includes what checks should be performed for each position as well as what information you need to gather such as previous employment and criminal background checks. In addition to looking for inconsistencies in information, you should have multiple checks done throughout the employee’s tenure with your company (click here to see why).

Monitor Employee Access to Data

Be stingy with who gets access to your data. Only give employees access to data that they actually need to do their job and require all employees to equip their devices with security tools and encryption. In addition, monitor the online actions of your employees—create a system that will alert you to any suspicious activity.

Prevent Viruses & Have a Backup/Recovery Strategy

Implement a strategy and platform that will help you with early detection of malicious codes and viruses and create a plan to ensure that all critical information is backed up and easy to recover should an IT incident occur.

Train Employees

In addition to making sure all of your employees understand what security policies and procedures exist, they also need to understand why are in place and the consequences that come should an employee choose to ignore the policies. Make security part of every employee-training program.

Have an Employee Exit Plan

As soon as you terminate or demote an employee, disable access to data immediately—even if this means disabling accounts.

So, how did your company do? Let me know if you have any questions on how to more fully develop any of the strategies above.

Security First &

2 Responses to Could Your Company Handle an Insider Threat?
  1. Angela
    October 18, 2016 | 1:40 pm

    Great suggestions! Let’s not forget the need to apply insider threat protections to your subcontractors, suppliers, and vendors. As we have seen with newsworthy data breaches like Target, vendors pose a significant insider threat too.

  2. Caitlin white
    October 19, 2016 | 12:53 pm

    This is an excellent blog post and read for the Personnel Security Field. The information is beneficial not only to companies and agencies but to me as anindividual as well.