November - December 2021


OUR OWN WORST ENEMY?

Life-Cycle Personnel Management

Knowing that insiders are disgruntled first and strike later, experts focus on the connection between them. Within the gap, they suggest opportunity. If managers, who supervise technical workers and others in unique positions to do harm, recognize performance and behavioral problems as a possible security issue—and communicate it as such—then retail organizations can better prevent incidents.

Several experts advised security leaders to push their organizations to pay greater attention to concerning behavior by an employee following a negative work-related event, to possibly include greater monitoring of the employee’s network activity. A company may not have the capacity to watch everyone’s online activity all the time, in which case it’s valuable to maintain awareness of employee dissatisfaction and troublesome behavior to target proactive system monitoring. Targeted monitoring of online activity by employees of concern can prevent insider theft and sabotage by immediately detecting technical precursor activity, they advise.

The reason behind insider activity is typically complex, according to Hansen. There is often more than one motivation, perhaps a toxic mix of financial troubles, a lack of loyalty, and perceived insufficient recognition. He suggested security needs to be equally layered to match it, by taking a “defense in depth” approach. It starts with looking for indicators of trouble during the hiring process—for financial, personality, and other red flags—but must extend to controls throughout the employee’s lifetime.

One often overlooked risk is when employees temporarily take on roles during job vacancies. Too often, temporary privileges extended to an employee while companies fill positions are never revoked, according to Sherri Ireland, CISSP, president of Security Exclusive, a cyber and physical security consulting firm. “It’s happened to me when I would oversee another department while they were looking for a new hire,” she noted. “It’s really important to audit to make sure your employees have access they require to do their jobs and nothing more than that.” Organizations tend to do a good job advocating for the concept of “least privilege,” but they often do an incomplete job of auditing whether they follow it, she warned.

Security controls also tend to grow lax around long-time employees, which runs counter to the actual threat. “Major employee fraud typically occurs by employees with at least five years tenure,” said Ireland. Case in point: the eye-popping case a decade ago when a Fry’s Electronics employee of twenty years was found guilty of embezzling $66 million over four years. Or the arrest a few years ago of a wireless retailer’s veteran chief operation officer who, for several years, held a secret consulting agreement with a financial services firm to provide it with confidential information regarding sales, compensation, and product launches at the retailer’s 400 locations.

Ireland warned that insider theft is often committed with security controls in mind, citing an example of a retail employee who stole just under its investigation threshold of $50 every day for fifteen years before being caught.

Malique Carr, PhD, a psychologist and vice president for TorchStone Global, a global risk mitigation and security firm, similarly warned that organizations must review their theft prevention posture against both insiders that opt for the “low-and-slow approach and skim a little off the top” and those that go for the big score.

“Employees need privileges to perform their roles effectively and responsibly, but privileges should be accompanied by controls, with segregation of duties for example,” said Hansen.

As such, employee monitoring and recognizing threat indicators are key elements in safeguarding a company against the insider threat, along with educating nonsecurity managers about threat indicators. Often, activity a security professional would recognize as a threat, nonsecurity personnel don’t, noted one asset protection professional. “You need cyber-awareness training all the way up to the C-level,” added Ireland.

Once triggered, an insider’s behavior will often reveal their activities if an organization has positioned itself to notice it. Carr said common indicators may include failing to follow security protocols, questionable downloads or data transfers, changes in computer and phone use, and printing off large amounts of material. Data security tools, improved by AI, are a necessary layer of protection against rogue insiders, said Ireland. “IT activity needs to monitor for anomalous activity. Why is she coming in and downloading documents at 3 a.m.?”

personnel management to rescreen and conduct enhanced monitoring for employees in higher-risk roles or who are starting to display concerning behaviors,” she added.

November - December 2021 by Loss Prevention Magazine - Issuu