The enemy within – insider ­security threats

May 2019 Editor's Choice, Information Security, Financial (Industry)

Forty-two years ago, almost to the day, brazen thieves tunnelled into the Standard Bank branch in Krugersdorp over the Easter long weekend. The robbers had done their homework and made off with a then whopping R413 000. To this day they have never been caught or even identified. Many still believe it was an inside job as the men knew exactly where to tunnel to and knew that the bank’s trembler alarms were disabled due to generators running nearby.

Although many silently applauded their audacity at the time, insider threats in today’s financial world are far more insidious and destructive. However, many financial institutions mainly have themselves to blame for lack of attention to or failing to follow best practices and procedures. So where should it all begin?

Definitely not when the person assumes his/her position, it should start much earlier.

The CV/résumé

Normally, after placing a job vacancy ad, organisations are flooded with applications and HR has the onerous task of wading through them all. Most are from genuine work seekers, however, in amongst them are those from chancers, ineligibles and far worse, those seeking to harm the company financially, reputationally or simply out of a perceived grievance.

Once a short-list of applicants has been decided on the serious task of vetting the candidates must begin with no short-cuts taken. This is a time consuming and costly exercise but will pay dividends in the future. Remember, someone looking to harm the company or inflate their credentials will go to a lot of effort to present a professional CV/résumé.

The interview

This is probably the most important step in the hiring of a candidate. The interviewing panel should consist of members of senior management, HR and a Subject Matter Expert (SME) with in-depth knowledge of the job requirements that the applicant is applying for. Things the panel should look out for include:

• Is the interviewee on time for the interview?

• Are they decently attired, presentable and clean?

• Do they appear at ease in the meeting?

• Can they answer questions relating to their qualifications and work experience promptly without having to think about it or assuming a shifty look?

• Do they have valid reasons for leaving their current employer or do they bad-mouth them?

• Have they done basic research on your company, including its vision, ethics, reputation, management, etc.? Do they ask relevant questions in return?

Once a decision has been made over the correct candidate/s, the next step in the process can begin.

Validation

This step is to check that the person is who they claim to be and includes ID checks, qualification checks, police reports, references from previous employers and community leaders. Remember, any referees who sound hesitant to disclose information, cage their words or are too gushing in their praise raise red flags. We also recommend using a company to conduct social media checks to ensure the potential candidate does not have a background of unwanted behaviour traits.

Onboarding

Now that the successful candidate has received and accepted a formal invitation for employment, onboarding can begin in earnest. The recruit must be made to feel welcome when they start their work. HR will arrange all the necessary paperwork to be done, including ID access cards, security passes, parking, banking details as well as appointing a ‘buddy’ to show the newcomer around, explain the rules of the company, introductions to members of management and teams, discuss prospects for advancement and further learning and development.

The IT department will arrange the minimal permissions the person will need to perform their job functions and ensure that strong passwords and password managers are in place. Permissions for promotions, demotions or relocations must be altered accordingly. BYOD (Bring Your Own Device) and remote working rules and policies will be explained and made available to the

new employee.

Regular follow-ups must be made by unit managers, IT, HR, etc. to ensure the person is happy and comfortable in their new position and performing as expected of them. An angry, disgruntled or bored employee is a very real danger to the company.

Offboarding

As important as onboarding is, offboarding correctly is critical. Whether the employee resigns or is dismissed, the process must take place swiftly and clinically. All access/security/ID cards must be returned and cancelled. Biometric access (fingerprint or retinal/facial scanning recognition) must be immediately revoked. All company devices (laptops, desktops, iPad, phones, USBs, external hard drives, etc.) must be collected and their serial numbers, makes and models checked against the issuing list. IT must ensure that all these devices are thoroughly checked for malware or preferably wiped clean. Logic bombs or Random Access Trojans (RATs) could have been placed on them to be used at a later date. All program passwords must be cancelled and where the employee had joint password access, this must be changed at once.

While it is almost impossible to eliminate insider threats, much can be done to reduce the chances of it occurring and limiting the risks it entails.





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

2024 Southern Africa OSPAs winners announced
Editor's Choice
The 2024 Southern Africa Outstanding Security Performance Awards (OSPAs) winners were revealed on Tuesday, June 11th, at the Securex South Africa Seminar Theatre hosted by SMART Security Solutions.

Read more...
AI and ransomware: cutting through the hype
AI & Data Analytics Information Security
It might be the great paradox of 2024: artificial intelligence (AI). Everyone is bored of hearing it, but we cannot stop talking about it. It is not going away, so we had better get used to it.

Read more...
Local manufacturing is still on the rise
Hissco Editor's Choice News & Events Security Services & Risk Management
HISSCO International, Africa's largest manufacturer of security X-ray products, has recently secured a multi-continental contract to supply over 55 baggage X-ray screening systems in 10 countries.

Read more...
NEC XON shares lessons learned from ransomware attacks
NEC XON Editor's Choice Information Security
NEC XON has handled many ransomware attacks. We've distilled key insights and listed them in this article to better equip companies and individuals for scenarios like this, which many will say are an inevitable reality in today’s environment.

Read more...
The future of digital identity in South Africa
Editor's Choice Access Control & Identity Management
When it comes to accessing essential services, such as national medical care, grants and the ability to vote in elections to shape national policy, a valid identity document is critical.

Read more...
Do you need a virtual CIO?
Editor's Choice News & Events Infrastructure
If you have a CIO, rest assured that your competitors have noticed and will come knocking on their door sooner or later. A Virtual CIO service is a compelling solution for businesses navigating tough economic conditions.

Read more...
AI-enabled tools reducing time to value and enhancing application security
Editor's Choice
Next-generation AI tools are adding new layers of intelligent testing, audit, security, and assurance to the application development lifecycle, reducing risk, and improving time to value while augmenting the overall security posture.

Read more...
Perspectives on personal care monitoring and smart surveillance
Leaderware Editor's Choice Surveillance Smart Home Automation IoT & Automation
Dr Craig Donald believes smart surveillance offers a range of options for monitoring loved ones, but making the right choice is not always as simple as selecting the latest technology.

Read more...
AI enables security solutions to define business strategies
Regal Distributors SA Editor's Choice
While allowing technologies to do exactly what they should do with even more efficiency and precision, AI is also empowering these same technologies to break through their traditional boundaries and create an ecosystem where one interface delivers outcomes across highly segmented verticals.

Read more...
Putting cyber into surveillance
Dallmeier Electronic Southern Africa Cathexis Technologies Technews Publishing Editor's Choice
Cybersecurity has become an essential part of the physical security industry. However, unlike other IoT technologies, of which security products are a part, surveillance technologies have more to protect.

Read more...