The British National Party data leak that exposed thousands of
members' details illustrates the insider threat to data security,
says an IT log management firm.
The
BNP faces a data protection probe after a recent membership
list containing personal details was
posted online.
Indications are that the list was released by an internal member
of staff and not stolen by an external hacker, said Ross Brewer,
managing director at
LogRhythm.
"A similar incident could happen within any company or
government body in the country," he said.
The majority of IT professionals believe insiders pose a more
serious threat to data security than outsiders, according to a
study commissioned by network firm Cisco.
Some 20% of more than
2,000 IT
professionals surveyed across the globe identified disgruntled
workers as data security risks.
The study found 11% admitted stealing data or corporate devices,
selling them for a profit, or knowing of colleagues who did.
Some employees admitted keeping corporate information after
leaving their jobs for various reasons, including malicious intent,
the study found.
According to Brewer, all access and transportation of sensitive
data should be strictly controlled.
"All user interaction should be monitored and supported with
automated detection systems," he said.
BNP members have expressed concerns about potential backlashes
and job losses after being exposed as members of the far-right
party.
It is illegal for armed forces personnel and police officers to
be members of a political party and other are in roles where
membership of the BNP may be frowned upon.