Insider Risk

Dealing With Insider Risk Starts Before They’re An Insider

By Veriato Team

Quick question: does your company have a ‘one size fits all’ approach to screening perspective hires?

The answer is (I hope) ‘of course not.’ Depending on the position being filled, companies apply different levels of scrutiny. When hiring a new CFO, for example, one can reasonably expect more rounds of interviewing and a more stringent background check than when hiring an entry-level bookkeeper.

What you are doing in your hiring process is appropriately setting risk levels by position. You may not have a formal matrix of every position in your company with a corresponding risk level ‘ but you should.

We background check, interview, and check references ‘ all to help us decide if we can trust. If we determine a candidate is trustworthy (and, of course, qualified) we make an offer, and if all goes well, bring them onboard.

Unfortunately, the constant drumbeat of insider driven fraud, theft, leaks, etc., serves as an ever-present reminder that trust is not a viable security strategy. So, we should first look at each position and determine, based on the level of access to critical information and/or information systems, how much risk the company has should the position holder ‘ the insider ‘ go rogue. It can be as simple as a 1-10 scale.

Next, we should insure that, for positions with greater risk, we are monitoring the activity of the insider more closely than for positions with less risk. There are numerous ways to monitor employee activity ‘ here at SpectorSoft we are obviously partial to our approach. But regardless of how you do so, if you are serious about mitigating insider risk, detecting and preventing insider threats, and generally insuring the security of your most critical data and systems, assigning risk levels and aligning monitoring profiles to them is a great first step.

How to Rebrand
“Bossware”at Your
Company

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Quis ipsum suspendisse ultrices gravida. Risus

About the author

Veriato Team
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Quis ipsum suspendisse ultrices gravida.

Employee Monitoring Resources

The Myths and Truths of Employee Monitoring

The Myths and Truths of Employee Monitoring

Early in the pandemic, searches related to “how to monitor employees working from home” increased by 1,705%. Without the oversight of managers in an office setting, many companies are concerned that their employees are less productive, and that there is an increase...

When To be Suspicious About Work-From-Home Employees (or Not)

When To be Suspicious About Work-From-Home Employees (or Not)

Perhaps someone doesn’t answer a Slack message as quickly as they should, or they have long hours blocked on their calendar. Maybe someone doesn’t seem motivated during team meetings or they are slow to complete work. While research has shown that overall,...

Avoid These Employee Monitoring Blunders

Avoid These Employee Monitoring Blunders

In September 2021, 45% of full-time employees were still working remotely, and the trend is hard to reverse. People like the freedom of working from home. Without a commute, they save time. Without a boss looming in the background, they can multi-task at home. And,...