Ten things you never knew about your employees

August 2009 Security Services & Risk Management

Over two-thirds of all security breaches, whether stolen paperclips or fraud worth millions of Rands, are perpetrated by members of staff of all ranks.

“How far can any sane company leader exercise blind faith and trust employees without any checks and balances,” asks Amir Lubashevsky, executive director of Magix Integration. “It is only by understanding the dangers posed by those employees with limited ethical values that a business can effectively mitigate the internal risks and protect itself.”

Below are 10 facts most business owners and managers do not know about their employees.

1. They do not care about your balance sheet. Sad to say, even middle and top-level management do not understand or care about the company’s finances. It is all about what they can get and do for themselves at the company’s expense.

2. They can easily steal information from you. Whether it is intentional or in complete ignorance while under the influence of questionable friends and social engineers, employees have access to information your competition and identity thieves want.

3. They can 'help' a friend obtain sensitive information. Most humans are always willing to help a friend obtain information, especially if they do not think that data has any value. When your company depends on that data as a competitive advantage, damage is a certainty.

4. They do not know how exposed they are to social engineering. Social engineers are slick, prepared and ruthless. Even the most honest employees will fall victim to their smooth talking if they are not educated with respect to the danger signs to look out for, or if they only have access to limited information.

5. They do not have enough security awareness. Employees need to know what is acceptable and what is not; as well as what is classified as a risk and how to prevent breaches.

6. Most of them will compromise security if they know they will not be caught. Most companies prefer to sweep internal crime under the rug in order to prevent bad publicity. This course of action simply tells criminals they will get away with it.

7. Many of them have access to information that is not relevant to their jobs. It requires a bit of work, but employees should be restricted to only the data and areas they require in doing their jobs. Convenience and laziness are among the greatest security risks in the world.

8. They do share confidential information with each other and with people outside your company. People talk, often without thinking. It really is as simple as that.

9. Employees take home your IP and sometimes forget where they put it. Whether it is a backup of a database or accounting work that needs to be done quickly, the best intentions may see staff taking work home and forgetting it or losing it.

10. Employees are not paid to look after your assets. People work for a salary and their contracts do not always include looking after the firm’s assets and, not surprisingly, they generally do not.

Whether it is social engineering taking advantage of the naïve or a criminal mind looking to make extra money at the expense of an employer, business leaders need to prepare for the worst and hope for the best by ensuring staff are educated as to appropriate behaviour and best security practices in all business scenarios. It is nice to trust people, but nice is a luxury few businesses can afford.

For more information contact Amir Lubashevsky, executive director, Magix Integration, +27 (0)11 258 4442, amirl@magix.co.za

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Understanding the power of digital identity
Access Control & Identity Management Security Services & Risk Management Financial (Industry)
The way we perceive business flourishing is undergoing a paradigm shift, as digital identity and consumer consent redefine the dynamics of transactions, says Shanaaz Trethewey.

What you can expect from digital identity in 2024
Access Control & Identity Management Security Services & Risk Management
As biometric identity becomes a central tenet in secure access to finance, government, telecommunications, healthcare services and more, 2024 is expected to be a year where biometrics evolve and important regulatory conversations occur.

More than just a criminal record check
iFacts Security Services & Risk Management
When it comes to human-related risks, organisations and their most senior leaders focus on a narrow set of workforce risks, the potential risks that human workers pose to the business.

Tech developments lead hologram growth in 2024
News & Events Security Services & Risk Management
Micro-lenses, micro-mirrors and plasmonics are among the rapidly-emerging optical devices that have evolved on the back of holographic and diffractive technologies, and are seen as part of the natural evolution of optical science by R&D teams.

Are you leaving money on the table?
Editor's Choice Security Services & Risk Management
How many customers have you helped since starting your business? Where does most of your new business come from? If the answer is not from your database’s existing customers, you might have a problem.

The business value of ChatGPT
Security Services & Risk Management Risk Management & Resilience
Transparency, policy and integrity. It is critical for organisations to have a line of sight into processes and procedures that clearly define employee use cases when it comes to ChatGPT, says Lizaan Lewis, Head of the Legal Department at Altron Systems Integration.

BMS for smaller businesses
Security Services & Risk Management Products & Solutions Risk Management & Resilience
Small businesses can also benefit from tailored energy management solutions just like large corporations. Effective energy management is essential for more sustainable and efficient operations.

Kidnapping for ransom
News & Events Security Services & Risk Management Risk Management & Resilience
There has been an 8,6% increase in reported kidnapping cases in South Africa compared to last year, with 3 854 cases reported between April and June this year, leaving ordinary South Africans increasingly vulnerable.

The difference between a SOP and a SOP
Residential Estate (Industry) Integrated Solutions Security Services & Risk Management Risk Management & Resilience
SOPs are a touchy issue that need careful attention and automation to ensure they deliver the desired security results. Beyond design and automation, implementation is the ultimate road to success.

Scoping out potential estates
Alwinco Security Services & Risk Management
When an intruder surveys a residential estate of 200 houses, they see at least 200 cars, 400 cell phones, 400 computers, 200 flat screen TVs, 600 bank cards, and various other items of value.