What is an “insider threat”?
An insider threat is a security threat which comes from within the company or organization being targeted for an attack. It could be a present or former employee, a board member, or anyone who has had access to the office building or confidential company information in the past. Insider threats are more difficult to prevent, and your organization needs your help to keep your network safe and secure. To help keep your organization protected, follow the below tips.
How you can help prevent insider threats:
- Report any suspicious behavior from employees, contractors, or anyone else inside the building. If you see something that looks suspicious, say something to your manager immediately.
- Examples of suspicious behavior can include:
- A disgruntled or angry employee wanting to retaliate against the organization.
- An employee who often works outside of business hours for no specific reason.
- People bringing unauthorized devices into the workspace.
- A contractor or inspector who is wandering outside of the area they should be attending to.
- Keep your desk free of any confidential information.
- Securely lock confidential information away in a filing cabinet when not in use. No passwords on Post-its, period!
- Lock your computer every time you step away.
- This is important to prevent those passing by from seeing confidential information on your screen.
- Be aware of the threat of shoulder-surfing.
- Watch out for people hanging around your desk acting suspiciously, looking at your screen or at items on your desk. They might be looking for confidential information, or watching you enter passwords.
Remember, you’re the last line of defense to prevent a cyber attack on your organization.
Stop, Look, and Think. Don’t be fooled.