Why your own employees are more dangerous than hackers

Why your own employees are more dangerous than hackers

When we think about data theft, we usually imagine highly trained hackers who make millions out of stealing and monetising our valuable business data. We also picture hacktivists who seek notoriety out of bringing down websites and ransoming stolen data. The reality is much simpler, and in turn more worrying, because it’s the people on our payroll that pose the biggest risk to the loss of sensitive business data –and it’s not just an Edward Snowden that you need to worry about.

Unfortunately, every organisation has at least one insider threat with the potential to cause significant damage to their business. According to the Verizon’s most recent Data Breach Investigations Report, the most common scenario at 60% of insider breaches involves an end-user leaving with data in the hope of converting it to cash somewhere down the line. In 71% of cases, personal information and medical records are targeted for financial crimes, such as identity theft or tax-return fraud, and occasionally just for gossip value.

While these insider threats can be intentionally malicious, most of the time they’re just careless. A recent survey by Imperva revealed that 79% of individuals believe their organisation doesn’t have data removal policies for when an employee departs, and 85% say they often store business data in home computers or personal mobile devices.

Heathrow International Airport found out how dangerous this level of carelessness can be when a USB was found on the streets of London with all the airport’s security data. From early reports, it appears likely that the USB drive was accidentally dropped by someone with genuine access to it or deliberately dropped by someone with bad intel.

With such clear and present risks, how do we possibly protect ourselves against the people we’re supposed to trust?

Before you hire an employee

One thing we know about human behaviour is that it tends to repeat itself. If an individual has been let go from a previous position for careless, unethical, or malicious breaches of sensitive data, a robust prescreening and background check will almost always reveal this to potential new employers. Your best bet for avoiding the worst-case scenarios of insider breaches is to avoid hiring an individual with a history of this kind of behaviour.

You should also develop a clear policy for data access privileges for your employees so they understand from day one their responsibilities for keeping your sensitive business data safe, and the ramifications of any careless or malicious misuse of that data.

After you hire an employee

In the age of machine learning and AI, security systems now have the ability to monitor user access to internal business data to spot anomalies and prevent careless or malicious behaviour. In much the same way the bank will monitor spending patterns to pick out fraudulent transactions, a contemporary security solution should be able to establish a baseline of user access behaviour so that anything untoward stands out.

You might also like
Repeat Fraudster Embezzles over $300,000 Repeat Fraudster Embezzles over $300,000
Navigating Criminal Record Searches for New Hires Navigating Criminal Record Searches for New Hires
Employee Fraud Costs Business $30,000 Employee Fraud Costs Business $30,000
Bank Employees Accept Bribes in Mortgage Fraud Case Bank Employees Accept Bribes in Mortgage Fraud Case
Navigating Criminal Record Searches for Employees Navigating Criminal Record Searches for Employees
IT Contractor Charged In Fraud Had No Background Check IT Contractor Charged In Fraud Had No Background Check
Employee Fraud Is More Common Than You Think Employee Fraud Is More Common Than You Think
Another Day A Different Job — The Gig Economy Another Day A Different Job — The Gig Economy

Business Locations

Australia

Suite 902, Level 9, 50 Berry St., North Sydney 2060, Australia

India

9th Floor, G-Corp Tech Park, Kasarvadavali Ghodbunder Road,Thane West, 400 615

Singapore

101 Thomson Road, #10-1 United Square, Singapore 307591

Beijing, China

1406, 14th Floor, Building 1, No. 9, Hongye Road, Daxing District, Beijing, China 100162

Malaysia

Suites W307 & W308, 3rd Floor, West Wing, Wisma Consplant 1, No. 2, Jalan SS16/4, 47500 Subang Jaya, Selangor Darul Ehsan, Malaysia

Philippines

5/F Science Hub Building, Tower 4, McKinley Hill, Taguig City, Philippines 1634

Hong Kong (SAR)

Unit C, 11/F, On Hing Building, 1 On Hing Terrace, Central, Hong Kong

Taiyuan, China

503 Bldg.2, Zhulian Tower, No.129 Changfeng Street, Xiaodian District, Taiyuan, China 030006

Background Check Services

Criminal Background Checks
Background Check Singapore
Background Checks Hong Kong
Background Checks Malaysia
Background Checks India

Employment Screening Services

Pre-Employment Screening
Background Checks for Employment
Reference Checks
Social Media Background Checks

Business Check Services

Bankruptcy, Insolvency & Credit Checks
Right to Work
Customer Due Diligence

Health Screening Services

Drug Screening
Alcohol Screening
Employment Medical Checks

Identity Verification

Document Verification
Address Verification
Passport Verification
Visa Verification

Integrity Screening

Financial Probity Checks
Directorship Checks
PPSR Checks
Adverse Media Checks
M & A Due Diligence
AML Checks
PEP Checks
Rescreening

About Us

About Us
Privacy
Careers
Modern Slavery Act Statement

Resources

Blog
Compliance
Integrations

Connect With Us

info@sterlingrisq.com
Contact Us
Events Near You
Find us on

© 2023 Sterling RISQ

Ghosting the job interviewGhosting the job interviewCorporate stalkingCorporate stalking: should we be using social media to pre-screen employees...
en_USEnglish
en_USEnglish