Cisco recently released a whitepaper about data leakage and insider threats. Several predictions for 2009 have indicated that, particularly with the uncertain economic climate, insider data breaches would become more of an issue. With 88% of respondents admitting they'd take sensitive information if they were laid off, this is a clear and present threat to data security.
Bruce Schneier recently addressed the issue of insiders, which he points out are a perennial problem for organizations. Insiders have the means and opportunity to breach data - intentionally or not. The issues coming up lately refer to an increase in intentional data theft or fraud.
"With 1.5 million predicted job losses in the US alone, there's an increased risk and exposure to these attacks. This is one of the most significant threats companies face" - Microsoft's Doug Leland
So, given that you need to trust your employees in order to keep your company running, how do you go about addressing the problem of inside threats? Schneier recommends 5 basic techniques, many of which we've talked about here on the Absolute blog:
You can read these recommendations in detail here. Hopefully it will give you some ideas about how to prepare for insider issues. Just like with all security planning, it's about being prepared and about having multiple layers of security in place.
In other news, there have been a high number of data breaches thus far in February (see latest incidents). One getting a lot of attention is from the Federal Aviation Administration (FAA) that affects 45,000 FAA employees.
Image anitapatterson @morguefile