Home / Articles / Preventing cyberattacks from the inside (and detecting them)

Preventing cyberattacks from the inside (and detecting them)

January 8, 2021

It’s never been more important for businesses to take action on preventing cyberattacks. In one recent cybercrime scheme, a mortgage company employee accessed his employer’s records without authorization, then used stolen customer lists to start his own mortgage business. The perpetrator hacked the protected records by sending an email containing malware to a coworker.

This particular dishonest worker was caught. But your company may not be so lucky. One of your employees’ cybercrime schemes could end in financial losses or competitive disadvantages due to corporate espionage.

Best practices for preventing cyberattacks

Why would trusted employees steal from the hand that feeds them? They could be working for a competitor or seeking revenge for perceived wrongs. Sometimes coercion by a third party or the need to pay gambling or addiction-related debts comes into play.

Although there are no guarantees that you’ll be able to foil every hacking scheme, your business can minimize the risk of insider theft by implementing several best practices.

1. Restrict IT use.

Your IT personnel should take proactive measures to restrict or monitor employee use of email accounts, websites, peer-to-peer networking, Instant Messaging protocols and File Transfer Protocol.

2. Remove access.

When employees leave the company, immediately remove them from all access lists and ask them to return their means of access to secure accounts. Provide them with copies of any signed confidentiality agreements as a reminder of their legal responsibilities for maintaining data confidentiality.

3. Don’t neglect physical assets.

Some data thefts occur the old-fashioned way — with employees absconding with materials after hours or while no one is looking. Typically, a crooked employee will print or photocopy documents and remove them from the workplace hidden in a briefcase or bag. Some dishonest employees remove files from cabinets, desks or other storage locations. Controls such as locks, surveillance cameras and restrictions to access can help prevent and deter theft.

4. Treat workers well.

Create a positive work environment and treat employees fairly and with respect. This can encourage loyalty and trust, thereby minimizing potential motives for employee theft.

Wireless risk

In addition to the previously named threats, your office’s wireless communication networks — including Wi-Fi, Bluetooth and cellular — can increase fraud risk.

Fraud perpetrators can, for example, use mobile devices to gain access to sensitive information. One way to deter such activities is to restrict Wi-Fi to employees with special passwords or biometric access.

For more tips on preventing employee-originated cybercrime, or if you suspect a fraud scheme is underway, contact us for help.

All content provided in this article is for informational purposes only. Matters discussed in this article are subject to change. For up-to-date information on this subject please contact a Clark Schaefer Hackett professional. Clark Schaefer Hackett will not be held responsible for any claim, loss, damage or inconvenience caused as a result of any information within these pages or any information accessed through this site.

Guidance

Related

Article

2 Min Read

Gauge Your Cybersecurity Risk Level

Article

2 Min Read

Business continuity plans can get you through a crisis

Article

2 Min Read

Lack of cybersecurity could threaten key partnerships

Article

2 Min Read

What scares me the most: cybersecurity concerns from the IT Director

Article

6 Min Read

Are your employees working remotely with outdated technology?

Article

4 Min Read

Top 5 Reasons to Use Cloud-based Data Backup

Get in Touch.

What service are you looking for? We'll match you with an experienced advisor, who will help you find an effective and sustainable solution.
  • This field is for validation purposes and should be left unchanged.