Companies tend to overlook the fact that stolen data and other vital information can be the result of malicious behavior on the part of their own employees. These IT security concerns may be a rude awakening to businesses that keep loose network policies for workers' convenience, but the reality is that businesses can never be too careful in their efforts to protect sensitive data. Even if an employee seems trustworthy during his or her time at an organization, allegiances can quickly shift when a new, more lucrative opportunity arises.
Every business would rather be safe than sorry
Because it is so difficult to monitor the behavior of workers without strict security policies, many companies fail to properly supervise their employees' use of data and which files they access. A recent article from Dark Reading explored a Stroz Friedberg study revealing the overwhelmingly lax state of network security with regard to databases and applications.
Around 90 percent of employees surveyed said that they use personal email addresses and public cloud networks to handle work-related material, while 58 percent revealed that they accidentally sent sensitive company information to the wrong recipient. Some individuals surveyed openly admitted to sending similar information to others at will. These are numbers that should not be tolerated by any IT security strategists, let alone business executives.
"Our inaugural information security survey demonstrates that companies need to address high-risk security behaviors within the workplace at all levels with a proactive risk mitigation plan," Michael Patsalos-Fox, CEO of Stroz Friedberg, stated in the report.
Threats exist from the bottom to the top
Low-level employees are too often subjected to scrutiny by C-suite executives looking to mitigate insider threats, but the Stroz Friedberg report showed that more than half of senior managers said they had brought sensitive company resources with them to their next job. Only 20 percent of lower-level workers made the same claim.
Bank Info Security recently provided business leaders with a series of suggestions to help reduce the ever-increasing risk of insider threat. In light of this past year's developments at the National Security Agency, the article urged IT departments to steer clear of government contracts when partnering up to run background checks on employees. Examinations cannot be thorough enough. Although workers may be bothered by exhaustive amounts of monitoring, companies will be thankful for these policies down the line.