We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
2,862 Tutorials

How to protect yourself against rogue IT staff

One rogue employee can do immense damage

One rogue IT employee can do more damage than an army of hackers. Here's how three companies could have better protected themselves.

Preventive measures
What did the company do wrong? First, the incident is a classic example of 'privilege escalation', which is what happens when privileges are granted to an individual to handle a specific task but are not revoked when the person no longer needs them, says Ponemon.

Second, an entitlement culture led to no separation of duties and very little oversight of IT. Because of that, management missed an important red flag. After the incident, the company discovered that Sally had 'lost' 11 laptops over the previous three years. The help desk staff was aware of this, but no one ever reported it to management, partly because of Sally's status in the organisation. Nobody knows what she did with those laptops; it could be that she was just careless - but "that's a problem in and of itself if you're a systems administrator", Ponemon observes.

Third, given the tense atmosphere created by the outsourcing decision, the company should have been more vigilant and more proactive in monitoring potentially angry employees.

Even if you haven't announced anything to your employees, it's a mistake to think they don't know what's going on, says Ponemon. "The average rank-and-file [worker] knows within a nanosecond of when the CEO signs the [outsourcing] contract," he says. If you aren't already monitoring your IT people, now is the time to start. For best results, kick off with a very public pronouncement that you are now monitoring the staff.

According to CERT, many cases of sabotage are the result of a disgruntled employee acting out of revenge. And those acts can happen in the blink of an eye, as the next story illustrates.

NEXT PAGE: A firing gone very wrong

  1. One rogue employee
  2. Pirating software and worse
  3. The cost to the company
  4. Outsourcing incenses employees
  5. Preventative measures
  6. A firing gone very wrong
  7. The best defence is multipronged

IDG UK Sites

Amazon Kindle Voyage release date, price and specs UK: a high-end eReader with Amazon’s best-ever...

IDG UK Sites

Why local multiplayer gaming is rapidly vanishing: we look at the demise of split-screen and LAN...

IDG UK Sites

How to successfully bridge the gap between clients and creatives

IDG UK Sites

How to update your iPhone or iPad to iOS 8: including how to install iOS 8 if you don't have room