Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Protect Yourself Against Rogue Employees

You have problems. The annual report spreadsheet has disappeared from a server. A virus is loose in company e-mail. Someone has access to the network through some kind of back door. Those are big problems.

The natural reaction is to suspect the dark legions of black hat hackers, but the truth might lie closer to home. In fact, the computer crime survey annually produced by the Computer Security Institute and the FBI has consistently shown that network security risks are as likely to originate inside the firewall as without. In other words, rogue employees can often be an organization's biggest enemies.

"Just about every company has experienced some kind of data loss or interruption incident because of the actions of an employee," Info-Tech Research analyst Carmi Levi says. "Whether it's inadvertent or malicious, the result is the same. It doesn't matter how it came to be, the fact that it came to be is the problem."

For all of the chaos a rogue user can cause within an organization, Levi says that it is wrong to equate rogue behavior with malicious intent. "The typical definition of 'rogue' definitely has negative connotations," he says. "People assume that it's someone who has nefarious intentions. But 'rogue' includes unintentional actions, and I'd suggest that the unintentional rogue activities are a greater risk to the organization, and represent a much more common problem."

Moreover, while employees who are out to get a company invariably have an identifiable agenda, whether it's the theft of corporate secrets or compromising specific business process, and usually have some kind of consistent modus operandi, the guy in marketing who deletes the budget due to negligence can be much harder to track down. Unintentional rogue behavior is random and thus much harder to plan for.

  • 1