6 Steps to Protect Against Insider Threat from High-Risk Employees

Share and earn Cybytes
Facebook Twitter LinkedIn Email



In a public service announcement the FBI stated that disgruntled and former employees cost companies anywhere between $5,000 to $3 million dollars in cyber incidents after leaving the organization.

According to recent research from Gartner, “seeking harm and revenge on employers is a bigger incentive for insider threats than is stealing money.”

This is why, when an employee turns in his notice, is written-up for an infraction, is generally disgruntled, or believes they may be part of a reduction in force, it’s time to put your Insider Threat Program into action.

Here are 6 tips to protect against Insider Threat from high-risk employees:

  1. Enforce strict data policies. Securing your company’s intellectual property should never be a secondary priority. The moment someone is hired, policies that regulate how data is transferred and handled should be made clear.
  2. Immediately change the password access to computers when an employee leaves.Additionally, make sure third party services also know of this employee’s termination so they can de-authorize their account.
  3. Ensure departing employees do not have company data on personal devices. Before a high-risk employee leaves the organization, check whether they have company data on their personal computers, mobile phone, tablets, etc.
  4. Regularly review employee access controls.If there’s no need for an employee to access a particular account, revoke their permission. Additionally, consider restricting the use of remote login applications or cloud storage applications on corporate accounts.
  5. Educate employees on best practices for creating and maintaining strong passwords. Avoid using shared logins and passwords for desktops, servers or networks. As tedious as it might be, every password should be long and varied with numbers and text. Make it mandatory for employees to change their passwords on a quarterly basis.
  6. Take advantage of monitoring technology. , they’ll be much less likely to copy files they should not have access to, email proprietary information outside of the company, or print large amounts of confidential data. User activity monitoring is one way that companies can figure out exactly what happened and who is responsible for security violations.

Employees with a grudge have a lot to gain. They can use stolen data to get a competitive advantage in a future job, sell data over the black market, make fraudulent transactions or publicly release damaging information about internal practices. They are also capable of restricting access to company websites and disabling critical functions, incurring significant costs, and running risks that your company does not want to take.

Without an Insider Threat Program, many companies will end up reacting to a breach instigated by a high-risk employee, instead of preventing one. Ensure the safety of critical company data with an Insider Threat Program that includes User Activity Monitoring to guard against high-risk employees and other threats. Start today with a FREE 15-Day Trial of ObserveIT.

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
About ObserveIT
ObserveIT is a user monitoring and investigation solution that identifies and eliminates insider threats. It continuously monitors user behavior and alerts IT and Security teams about activities that put their organizations at risk. ObserveIT provides comprehensive visibility into what all users are doing, while meeting compliance standards and reducing investigation time from days or hours to minutes.
Promoted Content
[report] 2018 Cost of Insider Threats: Global Organizations
According to The Ponemon Institute’s report, “2018 Cost of Insider Threats: Global Organizations,” the average cost of an insider threat annually is $8.76 million. It’s critical for organizations to understand the main causes of insider threats, because detecting insiders in a timely manner could save millions of dollars. Depending on the industry and size of company, the cost of an insider threat varies dramatically. Check out the full report to see The Ponemon Institute’s findings, and understand how to detect and prevent insider threats in the future.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?