We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
2,862 Tutorials

How to protect yourself against rogue IT staff

One rogue employee can do immense damage

One rogue IT employee can do more damage than an army of hackers. Here's how three companies could have better protected themselves.

Preventive measures
What did the company do wrong? First, the incident is a classic example of 'privilege escalation', which is what happens when privileges are granted to an individual to handle a specific task but are not revoked when the person no longer needs them, says Ponemon.

Second, an entitlement culture led to no separation of duties and very little oversight of IT. Because of that, management missed an important red flag. After the incident, the company discovered that Sally had 'lost' 11 laptops over the previous three years. The help desk staff was aware of this, but no one ever reported it to management, partly because of Sally's status in the organisation. Nobody knows what she did with those laptops; it could be that she was just careless - but "that's a problem in and of itself if you're a systems administrator", Ponemon observes.

Third, given the tense atmosphere created by the outsourcing decision, the company should have been more vigilant and more proactive in monitoring potentially angry employees.

Even if you haven't announced anything to your employees, it's a mistake to think they don't know what's going on, says Ponemon. "The average rank-and-file [worker] knows within a nanosecond of when the CEO signs the [outsourcing] contract," he says. If you aren't already monitoring your IT people, now is the time to start. For best results, kick off with a very public pronouncement that you are now monitoring the staff.

According to CERT, many cases of sabotage are the result of a disgruntled employee acting out of revenge. And those acts can happen in the blink of an eye, as the next story illustrates.

NEXT PAGE: A firing gone very wrong

  1. One rogue employee
  2. Pirating software and worse
  3. The cost to the company
  4. Outsourcing incenses employees
  5. Preventative measures
  6. A firing gone very wrong
  7. The best defence is multipronged

IDG UK Sites

Best Black Friday 2014 tech deals: Get bargains on smartphones, tablets, laptops and more

IDG UK Sites

What the Internet of Things will look like in 2015: homes will get smarter, people might get fitter

IDG UK Sites

See how Trunk's animated ad helped Ade Edmondson plug The Car Buying Service

IDG UK Sites

Yosemite tips: Complete Guide to OS X Yosemite