A lot of attention is spent keeping out “those bad people” who are outside of your network. Your competition, hackers, industrial espionagers and etc. But what about the employee who is upset that he didn’t get a raise. What about the gal in accounting who has critical passwords and user names who is angry at her supervisor? What about the secretary you just hired?
Like AOL and so many other companies your next attack might be by someone who is already in your network and has enough information to do serious damage to your company.
USA Today writes Companies that have spent billions on cyberdefenses to thwart intruders are now addressing an even bigger threat: employees.
Many are investing in software that monitors sensitive content inside corporate networks, say security analysts and venture capitalists. The new interest comes on the heels of headline-grabbing security breaches.
Executives don’t want a repeat of what happened at America Online, where a former employee was arrested in June for allegedly stealing 92 million screen names and selling them.
Or at credit-software company Teledata Communications, where a former employee in September pleaded guilty to federal fraud charges of stealing the financial identities of tens of thousands of people.
AOL and Teledata say they have taken steps to shore up internal security.
“Corporate networks are like candy bars: hard on the outside, soft and chewy on the inside,” says Rich Mogull, a security analyst at Gartner Research.