One rogue IT employee can do more damage than an army of hackers. Here's how three companies could have better protected themselves.
What did the company do wrong? First, the incident is a classic example of 'privilege escalation', which is what happens when privileges are granted to an individual to handle a specific task but are not revoked when the person no longer needs them, says Ponemon.
Second, an entitlement culture led to no separation of duties and very little oversight of IT. Because of that, management missed an important red flag. After the incident, the company discovered that Sally had 'lost' 11 laptops over the previous three years. The help desk staff was aware of this, but no one ever reported it to management, partly because of Sally's status in the organisation. Nobody knows what she did with those laptops; it could be that she was just careless - but "that's a problem in and of itself if you're a systems administrator", Ponemon observes.
Third, given the tense atmosphere created by the outsourcing decision, the company should have been more vigilant and more proactive in monitoring potentially angry employees.
Even if you haven't announced anything to your employees, it's a mistake to think they don't know what's going on, says Ponemon. "The average rank-and-file [worker] knows within a nanosecond of when the CEO signs the [outsourcing] contract," he says. If you aren't already monitoring your IT people, now is the time to start. For best results, kick off with a very public pronouncement that you are now monitoring the staff.
According to CERT, many cases of sabotage are the result of a disgruntled employee acting out of revenge. And those acts can happen in the blink of an eye, as the next story illustrates.