You should also actively monitor and review your security logs and audit trails for any unusual activity or logins. Make sure that staff members are aware of the insider threat and the damage insiders can cause to the organization and potentially their jobs, so they can be vigilant for unusual or suspicious activity. Remember to keep staff aware of any new threats, such as new viruses or phishing emails, so they can identify potential attacks or data losses.
Too often we read about a security breach that can be linked back to a former employee’s account that was not deleted or disabled when he or she left the organisation. So remember to ensure you remove access to systems for staff that have moved on from the company or have been made redundant.
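One way to check for this, as an added example that is not part of the original article: reconcile an HR leavers list against an account export and an authentication log, flagging leaver accounts that are still enabled and any login activity dated after the person's last day. The CSV columns, the log layout and all sample data below are assumptions constructed for illustration.

```python
import csv
import io
from datetime import date, datetime

# Constructed sample data (hypothetical users, documentation IP ranges).
LEAVERS_CSV = """username,last_day
jmurphy,2024-03-29
akelly,2024-05-10
"""
ACCOUNTS_CSV = """username,enabled
jmurphy,true
akelly,false
sbyrne,true
"""
AUTH_LOG = """2024-03-28T09:02:11 LOGIN_OK jmurphy 10.0.4.17
2024-04-15T23:41:07 LOGIN_OK jmurphy 203.0.113.50
2024-05-09T08:55:40 LOGIN_OK akelly 10.0.4.22
2024-05-12T02:13:09 LOGIN_FAIL akelly 198.51.100.7
2024-05-12T09:00:00 LOGIN_OK sbyrne 10.0.4.30
"""

def audit(leavers_text, accounts_text, log_text):
    """Return (finding, username, detail) tuples for departed staff."""
    leavers = {r["username"]: date.fromisoformat(r["last_day"])
               for r in csv.DictReader(io.StringIO(leavers_text))}
    enabled = {r["username"] for r in csv.DictReader(io.StringIO(accounts_text))
               if r["enabled"].strip().lower() == "true"}
    findings = []
    # 1. Accounts that were never disabled after the owner left.
    for user in sorted(leavers):
        if user in enabled:
            findings.append(("STILL_ENABLED", user, leavers[user].isoformat()))
    # 2. Any authentication attempt, successful or not, after the last day.
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip lines that do not match the assumed layout
        ts, event, user, src = parts
        try:
            when = datetime.fromisoformat(ts)
        except ValueError:
            continue  # unparseable timestamp
        if user in leavers and when.date() > leavers[user]:
            findings.append(("POST_DEPARTURE_" + event, user, f"{ts} from {src}"))
    return findings

if __name__ == "__main__":
    for finding in audit(LEAVERS_CSV, ACCOUNTS_CSV, AUTH_LOG):
        print(" | ".join(finding))
```

A failed login against an already disabled leaver account is reported as well, since it shows someone still trying the credentials.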
While it is not comfortable to think of a work colleague being the source of a security breach, it is a real threat and one that needs to be managed properly. Remember, in security as in all parts of life, it is always the people you trust the most that have the potential to hurt you the most.
Brian Honan is an independent security consultant based in Dublin, Ireland, and is the founder and head of IRISSCERT, Ireland's first CERT. He is a Special Advisor to the Europol Cybercrime Centre, an adjunct lecturer on Information Security in University College Dublin, and he sits on the Technical Advisory Board for a number of innovative information security companies. He has addressed a number of major conferences, wrote the book ISO 27001 in a Windows Environment, and is co-author of The Cloud Security Rules. He regularly contributes to a number of industry-recognized publications and serves as the European Editor for the SANS Institute's weekly SANS NewsBites.