While hacking by outsiders is posing a larger and more significant threat to companies of all sizes, the threat of insider jobs – particularly by disgruntled former employees – is often a bigger one.
These attacks, carried out with malicious intent to hamstring a company’s operations, can cause serious problems. Take, for example, the following recent events:
- A former employee of Spellman High Voltage Electronics Corp. is facing charges after employees began reporting that they were unable to process routine transactions and were receiving error messages after he resigned, due to allegedly being passed over for a promotion.The mayhem cost his former employer more than $90,000, and he was arrested. “The defendant engaged in a 21st-century campaign of cyber-vandalism and high-tech revenge,” said Loretta Lynch, the United States attorney for the Eastern District.
- A former employee of McLane Advanced Technologies was sentenced to 27 months in prison and ordered to pay $35,816 in restitution after pleading guilty to hacking into McLane’s systems and deleting payroll files to the point that staff could not clock in and the company could not issue payroll checks. He was upset after the company had fired him and then refused to help him obtain unemployment benefits.
With these cases in mind, there are internal steps you can take to avoid this sort of thing happening at your company, including:
Route all offsite access through a VPN – This can typically prevent someone from entering your system altogether. But once you have such a system in place, all outside connections need to be logged and monitored for suspicious activity.
Test your disaster recovery plan – You need to have a disaster recovery plan in place that includes backing up data every day, just in case someone deletes data from your servers. That way, if data is deleted you can immediately switch to a backup IT environment. Oftentimes, organizations do disaster recovery, but unless they practice the actual recovery, they don’t know if it will work, and it doesn’t matter whether they have a physical or a virtual environment. So, don’t forget to test any plans you have.
Block unapproved software – Sometimes your employee hackers will install extra software that makes it easier for them to root through your system and create havoc. You should have systems in place that do not allow anybody to install unapproved software.
Disable ex-employee accounts and passwords – Whenever an employee or contractor ceases to work at your business – or in the case of layoffs, beforehand – disable their network access, accounts and passwords.
Block root access to everything – Well-run IT shops always block direct, root-level (for Unix) or admin-level (for Windows) access to critical systems. They do this because they know that giving IT employees too much access is an invitation to commit abuse. Accordingly, give users unique passwords to systems and restrict what they can access. Assigning individual passwords to employees also makes it much easier to revoke them, and to monitor how they’re being used.
Make suspect behavior cause for concern – Watch for human-behavior warning signs such as complaining to others about the company and more than usual time accessing your company data on your network. Develop a response plan for when such signs are spotted.
Beware resignations, terminations – Most people who steal intellectual property or destroy systems do so within 30 days of resignation. Keep a close eye on departing or departed employees, and what they viewed. If someone resigns who has had access to your most sensitive company information, including trade secrets, you need to pay special attention to ensure it’s not compromised.
Marshall forces – Businesses that prepare for attacks in advance tend to better manage the aftermath. When it comes to combatting cases of suspected insider threat, include human resources, supervisors, upper management, security, legal and your IT crew in developing a company-wide plan.
BGES Group’s office, located in Larchmont, NY is a full service insurance agency offering, Property, Liability, Umbrella Liability, Business Auto, Bid & Performance Bonds, Inland Marine, Worker’s Compensation, New York State Disability, Group Health, Life insurance, Personal lines and Identity Theft.
BGES Group are Worker’s Compensation Specialists for the States of New York, New Jersey and Connecticut – Issues we address: 1) Lowering pricing – we have specialty programs that can save you up to 40%; 2) Finding a new company; 3) Being cancelled or non renewed; 4) Audit disputes; 5) Company creating fictitious payroll at audit time; 6) Lowering high experience modifications factors; 7) Misclassification of payrolls; 8) Lowering or eliminating renewal deposits; 9) Getting coverage when you’ve been without for a few months; 10) Covering multiple states under one policy; 11) Eliminating 10% service or policy fees; 12) Timely issuance of certificates; 13) Always being able to get someone on the phone or by email when you need to.
Special Contractor Insurance Programs (NY, NJ, CT) – We we have 50+ insurance companies to market your general liability, umbrella liability, business auto, workers compensation, bid & performance bonds and group health coverages. We help contractors set up proper risk transfer mechanisms. If you’re a contractor we offer extensive information about insurance markets, coverages, risk transfer mechanisms, subcontractor screening, ways to lower your insurance costs that lower them.
Contractors Make More Sales – Close more sales with easy, affordable financing options for your customers. Everything can be done from your phone. Thirteen banks to get financing from. No hidden fees. Click here to learn more.
Identity Theft – Over the past year hundreds of thousands of people have had to deal with identity theft. This has become such a huge problem so we now offer Identity Theft Protection. We heard stories of kids going for car loans and learning they owe $200,000+ to companies they never heard of. Under our program you can protect yourself, spouse and children. Anyone you know can purchase this protection though our plan! Click here to learn more or sign up.
Soon To Be The Best Artificial Intelligence Technology Marketing Platform In The World To Get You New Customers – Sick and tired of paying social media experts thousands of dollars to do your marketing? Paying Google, Facebook, Linkedin hundreds/thousands of dollars for lousy results? How would you like to dominate your business niche? How would you like get in on the ground floor and earn a massive new cash flow every month? Click here to learn more.
If you would like to speak with us call Gary Wallach at 914-806-5853 or click here to email or click here to visit our website.
Company: BGES Group, 216A Larchmont Acres West, Larchmont, NY 10538
© – Copyright – 2020 – BGES Group