Friday, August 21, 2009

Trust, but Insure, pt 2: Firewalls won't stop an employee with access

As I preached in a prior post (Trust, but Insure), employees have weaknesses. In today's economy, an otherwise angelic employee may be easily influenced by a bribe in exchange for network access.

Below is a great blog entry from Dave Stelzl, The Profit Program, who writes about the potential catastrophes of information theft. Companies should consider Network Security Liability to protect themselves from liability claims that will arise from the release of confidential information.

Insider Threat makes the perimeter useless
Posted: 20 Aug 2009 07:50 AM PDT

Well Fargo in the news for bank fraud? This article came from a recent workshop attendee at Heit in Colorado, a company that specializes in bank security. It’s actually a common thing for insiders to take advantage of systems they know, for personal gain. Organized crime syndicates sometimes employ someone inside a bank with the title money mule – someone who helps them gain access to system inside the bank. In the linked article below, there is no mention of organized crime. Instead, the article reports an insider charged with gaining access to bank accounts and using the money and credentials to create credit cards, debit cards, and pay down their personal debt. It looks like they have at least 35 years imprisonment coming; maybe more.

The sales tip – insider threat is real. Firewalls, VPNs, and a bulletproof perimeter (which is never the case) won’t protect companies from this threat. Let’s face it, there is no perimeter in today’s borderless network world.

http://sacramento.bizjournals.com/sacramento/stories/2009/08/10/daily81.html?ed=2009-08-14&ana=e_du_pub

No comments:

Post a Comment