With the bank failures of recent weeks, more pending redundancies and a continuation of the downward slide, should we be concerned about lax security? Is someone minding the store while all this is going on or should we be doing something more when the banks are going bust?
In seeking to provide a detailed response for the above questions, views have been sought from the wide community of the BCS Security Forum Strategic Panel (SFSP), writes Andrea Simmons, Consultant Forum Manager at the BCS Security Forum.
The major factor in determining whether one organisation, compared to another, is likely to suffer greater losses from information security failures is the relative stability of the two organisations.
In other words, even an organisation with very good security can find it is effectively more vulnerable than an organisation with poor security if it is going through a period of change, such as redundancies, cost-savings, mergers or outsourcing. Organisations going through such changes should be advised to raise their security posture during this period, when they may find themselves vulnerable as well as becoming a target of opportunity.
In the current economic climate it is clearly difficult to secure budget, but in many ways the security budget needs to go up during a recession - risks are higher and the threat is greater, both inside and outside the organisation.
Another key concern has to be the increased potential for fraudulent activity. Individuals are feeling the pinch and may find themselves in a position where they become susceptible to coercion, carrying out activities for personal gain and the profit of others at the expense of their employer.
The required controls remain the stalwart standards:
a) Access control - constantly review access rights and ensure that individuals only have access to the systems they need to operate for business functionality rather than personal desire. This includes the need to close down unused accounts.
b) Monitoring - review administration rights, their creation and propagation. Restrict rights as much as practicable. Monitor for internal suspicious activity.
c) Backup and restore - these become even more critical; they need to be tested and resilient to insider attack.
d) Site access - ensure physical controls are as tight as they can be too - watching out for strangers and those not wearing identity passes. Also maintain vigilance over delivery and loading areas.
e) Social engineering - deliver punchy messages to all employees regarding the need to be vigilant in watching out for those seeking to socially engineer personal information or organisational proprietary details that could be used to perpetrate fraudulent activity.
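One way to put controls a) and b) into practice, as an added example that is not part of the original article or the BCS forum's material: a small Python review script that flags enabled accounts with no recent logon (candidates to close) and every addition to a privileged group, with self-granted membership flagged for urgent review. The account inventory, group names and audit-line format are constructed for the example and are assumptions, not any real system's output.

```python
from datetime import date, timedelta

# Constructed sample account inventory: (username, enabled, last_logon YYYY-MM-DD)
ACCOUNTS = [
    ("alice", True, "2009-03-10"),
    ("bob", True, "2008-11-02"),        # enabled but idle for months
    ("carol", False, "2009-01-15"),     # already disabled, nothing to do
    ("svc_backup", True, "2009-03-12"),
]

# Constructed sample audit lines: "date actor action target group"
AUDIT = [
    "2009-03-11 admin1 ADD_MEMBER dave Domain Admins",
    "2009-03-11 admin1 ADD_MEMBER erin Backup Operators",
    "2009-03-12 bob ADD_MEMBER bob Domain Admins",
    "2009-03-12 admin2 REMOVE_MEMBER frank Domain Admins",
]

# Assumed set of groups whose membership changes must be reviewed
PRIVILEGED_GROUPS = {"Domain Admins", "Backup Operators"}


def dormant_accounts(accounts, as_of, max_idle_days=60):
    """Enabled accounts with no logon in the last max_idle_days (ISO date as_of)."""
    cutoff = date.fromisoformat(as_of) - timedelta(days=max_idle_days)
    return sorted(
        name for name, enabled, last_logon in accounts
        if enabled and date.fromisoformat(last_logon) < cutoff
    )


def privileged_grants(audit_lines, privileged=PRIVILEGED_GROUPS):
    """Return (actor, target, group, self_grant) for each privileged-group addition."""
    findings = []
    for line in audit_lines:
        _day, actor, action, target, group = line.split(maxsplit=4)
        if action == "ADD_MEMBER" and group in privileged:
            findings.append((actor, target, group, actor == target))
    return findings


if __name__ == "__main__":
    for name in dormant_accounts(ACCOUNTS, "2009-03-13"):
        print(f"close dormant account: {name}")
    for actor, target, group, self_grant in privileged_grants(AUDIT):
        flag = " (SELF-GRANT, review urgently)" if self_grant else ""
        print(f"{actor} added {target} to {group}{flag}")
```

Run it against an export of the real directory and audit trail on a fixed schedule rather than once; the point of control a) is that the review is constant.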
These are all well-known and fundamental security counter-measures. In the coming months and years the security and resilience of your organisation may depend on them.