Avoiding the Three Insider Threat Scenarios

For all the time spent protecting networks against external threats, it will never prevent data theft.  That’s because nearly half of all data breaches come from an insider threat – people inside your organization.

When most people think of internal technology threats, they think big.  Who has access to our administrator accounts?  Who in IT or upper management might be disgruntled?  Who has little enough to lose that they’d risk bringing down our entire network on the way out the door?

In reality, it’s often the small actors that can cause big problems.  Here are three scenarios of insider threats – consider how each of them could happen at your organization.


insider threat data leak

Scenario #1 – The Overly Helpful Salesperson

Salespeople understand the value of connections.  They also understand the value of information.  In their zeal to help their new employer, they sometimes leak confidential information gained in their previous jobs.

Sometimes, it’s only a name and a number – it might even be a slip of the tongue.  Sometimes, it’s more nefarious – a list of their top contacts.  But the worst case scenario is that a major portion of your customer relationship database walks out the door when a salesperson leaves.

While it might not be the type of insider threat that shuts down your network, this can actually be far worse in the long run.  This salesperson is using information you’ve spent years collecting to compete against your company.  And if their new employer knows about the data breach and is equally unethical, the whole company can use the information to target your business and poach your clients.

Risk Mitigation: Train employees on confidentiality, require Non-Disclosure Agreements and protect your customer relationship database from data exporting.


Scenario #2 – The Overly Helpful Employee

Do you have an employee that goes out of their way to help anyone in the office get things done?  The ones that take the lead on difficult projects without a clear owner, and pursue it to completion just because it’s the right thing to do?  If you’re lucky enough to have one or more of these, you’re probably thankful.

Unfortunately, not everyone is deserving of their help.  When a co-worker sends an email asking for access to a line-of-business application, it might not be their co-worker after all – it might be a criminal posing as their co-worker, trying to gain access to your network.  These types of ‘phishing’ emails are especially dangerous against employees that do whatever they can to help someone out.  Unless you’ve trained your employees to be vigilant against these types of threats, you’re only ever one well-meaning email reply away from data theft. It’s an unintentional insider threat, but an insider threat nonetheless.

Risk Mitigation: Train employees against phishing tactics and forbid password sharing between employees.


Scenario #3 – The Disgruntled IT Worker

Although it’s not the most common scenario, it is one worth considering: an internal worker with network access decides to leave behind a mess on the way out the door.  Because you have to entrust some employees with the “keys” to your network, it’s impossible to avoid this risk entirely.  But by minimizing network-wide access and selecting employees that are responsible, referenced and risk-averse, you can reduce the threat.

Risk Mitigation: Hire carefully and try to minimize the number of people with full network access.

Want to know more about how to protect your organization from these scenarios? Call us at 919.779.0954 or contact us online.