Ten things you never knew about your employees

August 2009 Security Services & Risk Management

Over two-thirds of all security breaches, whether stolen paperclips or fraud worth millions of Rands, are perpetrated by members of staff of all ranks.

“How far can any sane company leader exercise blind faith and trust employees without any checks and balances,” asks Amir Lubashevsky, executive director of Magix Integration. “It is only by understanding the dangers posed by those employees with limited ethical values that a business can effectively mitigate the internal risks and protect itself.”

Below are 10 facts most business owners and managers do not know about their employees.

1. They do not care about your balance sheet. Sad to say, even middle and top-level management do not understand or care about the company’s finances. It is all about what they can get and do for themselves at the company’s expense.

2. They can easily steal information from you. Whether it is intentional or in complete ignorance while under the influence of questionable friends and social engineers, employees have access to information your competition and identity thieves want.

3. They can 'help' a friend obtain sensitive information. Most humans are always willing to help a friend obtain information, especially if they do not think that data has any value. When your company depends on that data as a competitive advantage, damage is a certainty.

4. They do not know how exposed they are to social engineering. Social engineers are slick, prepared and ruthless. Even the most honest employees will fall victim to their smooth talking if they are not educated with respect to the danger signs to look out for, or if they only have access to limited information.

5. They do not have enough security awareness. Employees need to know what is acceptable and what is not; as well as what is classified as a risk and how to prevent breaches.

6. Most of them will compromise security if they know they will not be caught. Most companies prefer to sweep internal crime under the rug in order to prevent bad publicity. This course of action simply tells criminals they will get away with it.

7. Many of them have access to information that is not relevant to their jobs. It requires a bit of work, but employees should be restricted to only the data and areas they require in doing their jobs. Convenience and laziness are among the greatest security risks in the world.

8. They do share confidential information with each other and with people outside your company. People talk, often without thinking. It really is as simple as that.

9. Employees take home your IP and sometimes forget where they put it. Whether it is a backup of a database or accounting work that needs to be done quickly, the best intentions may see staff taking work home and forgetting it or losing it.

10. Employees are not paid to look after your assets. People work for a salary and their contracts do not always include looking after the firm’s assets and, not surprisingly, they generally do not.

Whether it is social engineering taking advantage of the naïve or a criminal mind looking to make extra money at the expense of an employer, business leaders need to prepare for the worst and hope for the best by ensuring staff are educated as to appropriate behaviour and best security practices in all business scenarios. It is nice to trust people, but nice is a luxury few businesses can afford.

For more information contact Amir Lubashevsky, executive director, Magix Integration, +27 (0)11 258 4442, [email protected]





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Boost revenue streams for MNOS
News & Events Security Services & Risk Management Financial (Industry)
ReveNet has introduced its new solution, designed to safeguard and potentially boost revenue streams in an increasingly challenging landscape for MNOS. The new platform combines advanced analytics and is built on trust, transparency, and sustainability principles.

Read more...
Risk-IO manages mining security risks
Zulu Consulting Security Services & Risk Management Mining (Industry)
[Sponsored] A local mining company with three large operations experienced increased security costs. The liability included no standardised risk assessment, poor management of the efforts to mitigate hazards, and unauthorised access with subsequent theft. The reactive approach to security was not only expensive but also wasteful in the sense that the costs were poorly managed, and there were no metrics to show improvement or trends in incidents.

Read more...
NIS2 compliance amplifies skills shortages and resource strain
Information Security Security Services & Risk Management
A new Censuswide survey, commissioned by Veeam Software reveals the significant impact on businesses as they adapt to this key cybersecurity directive, with 95% of EMEA businesses siphoning other budgets to try and meet compliance deadline.

Read more...
SA company develops world-first safe K9 training for drug detection
Editor's Choice News & Events Security Services & Risk Management Government and Parastatal (Industry)
The Braveheart Bio-Dog Academy recently announced the results of its scientific research into training dogs to accurately detect drugs and explosives without harming either the dogs or their handlers.

Read more...
Understanding South Africa’s Cybercrimes Act
Information Security Security Services & Risk Management
The Cybercrimes Act No.19 of 2020 is a comprehensive legislative response to the evolving landscape of cyberthreats in South Africa. Its effectiveness, however, relies on enforcement, which relies on implementation, international cooperation, and collaboration between the public and private sectors.

Read more...
Partnership addresses fire hazard mitigation
Brigit Fire (a Division of Hudaco Trading) Elvey Security Technologies Fire & Safety Security Services & Risk Management
Brigit Fire has partnered with the Elvey Group. The collaboration will see Brigit Fire distributing both the advanced C-TEC addressable fire detection systems (CAST Technology) and GreenMist lithium extinguishers.

Read more...
Fire protection for a solvent extraction plant in Africa
FS Systems Fire & Safety Security Services & Risk Management Mining (Industry)
A prominent mining site operates a state-of-the-art solvent extraction (SX) plant, integral to separating and purifying metals from ores, which pose significant fire risks, as SX processes involve highly flammable organic solvents and elevated operating temperatures.

Read more...
Taking fire safety seriously
G2 Fire Editor's Choice Fire & Safety Security Services & Risk Management
To gain insights into how fire systems must be designed, installed and maintained, SMART Security Solutions asked Nichola Allan, MD of G2 Fire, for some insights into the local fire market.

Read more...
New data privacy trends increase large cyber claims
Security Services & Risk Management News & Events
Frequency and value of sizeable cyber insurance claims up 14% and 17% year-on-year in the first half of 2024, with a growing trend in the US for litigation against large corporations related to privacy violations.

Read more...
Streamlining and securing enterprise risk management
Zulu Consulting Security Services & Risk Management
[Sponsored] A new enterprise risk management web app from Zulu Consulting, called Risk-IO, is designed to automate and streamline the enterprise risk management process, ensuring no steps are skipped and everything is securely documented.

Read more...