You can install
all the firewalls you want, use the most advanced and up-to-date antivirus
software there is, but one thing remains constant. The insider threat is very
real. And it is sometimes the most difficult threat to your information systems
to detect. Ask Bradley Manning or Edward Snowden how real the insider threat
is. There are ways to reduce the insider threat. One way is for an organization
to routinely review what type of access to which systems each employee
maintains. Then determine if that access is necessary for the position they are
filling. If the answer is no, remove that access. The organization should also
maintain a meticulous log of what accesses, and by what means, each employee
has. Other employees should be aware of their surroundings. If an employee all
of a sudden doesn’t like what the organization is doing, they could be a threat
to that organization’s information systems as an insider.
Another step an
organization can take is routinely check activity logs where employees access
the various systems. If an employee is becoming disgruntled, it wouldn’t take
much for them to install some type of software that could still give them
access to the organization’s information systems if they are terminated. The
activity logs could show this.
While
there is no way an organization can completely eliminate an insider threat,
there are steps they can take to minimize the threat of an insider attack.