We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
2,793 Tutorials

How to protect yourself against rogue IT staff

One rogue employee can do immense damage

One rogue IT employee can do more damage than an army of hackers. Here's how three companies could have better protected themselves.

The best defence is multipronged

The overall lesson from these horror stories is that no one single thing can protect you from rogue IT people. You might have great technical security - like the multitiered security system that ultimately detected Phil's unauthorised website - and yet a simple mistake by HR can lead to disaster. There could be big red flags in terms of behaviour or personality that go unnoticed - like Sally's missing laptops.

It's a combination of technical safeguards and human observation that offers the best protection, says CERT's Cappelli.

And yet it's hard to convince companies to do both. Executives tend to think such problems can be solved by technology alone, at least partly because they hear vendors of monitoring tools and other security-minded software claiming that their tools offer protection. "We're trying to figure out how to get the message to the C-level people that this is not just an IT problem," she says.

It's a difficult message to hear. And a lesson that many companies don't learn except the hard way. Even if more companies were forthcoming with the details of their horror stories, most CEOs would still think it could never happen to them. Until it does.

See also: Employee monitoring: when IT is asked to spy

  1. One rogue employee
  2. Pirating software and worse
  3. The cost to the company
  4. Outsourcing incenses employees
  5. Preventative measures
  6. A firing gone very wrong
  7. The best defence is multipronged
IDG UK Sites

6 cheapest 4K TVs in the UK 2014: Get a UHD telly without breaking the bank

IDG UK Sites

Apple MacBook Air (11-inch, 256GB, Early 2014) lab tests and benchmarks

IDG UK Sites

How to stop your parents opening and responding to phishing emails

IDG UK Sites

Google to ship first Project Ara developer boards in July