Rather than monitoring every activity by every user, many employers have begun looking at insider risk indicators to identify risky behavior. As it turns out, workers prone to causing breaches fall into three broad categories—and you can do your part by watching out for colleagues who fit these profiles.

1. The Over-Sharer. We all know a few—folks from the office who always seem to email a document to a wide distribution. Or they upload a file to a cloud service, or post sensitive information in an unauthorized application. They think they’re helping by giving people quick access to valuable information. These people aren’t malicious, but rather prone to poor judgment or human error. Nevertheless, their actions may result in costly data breaches that keep security pros up at night. 

2. One Foot Out the Door. Make no mistake: people who’ve decided to leave the company and take critical information with them are only looking out for themselves. The data may consist of projects they’ve worked and want to save in their portfolio. Or a database of customers they could migrate to a competitor. Or even just a report with a great format they’d like to duplicate in their new job. Regardless, any info they take with them can negatively impact your organization’s ability to do business, compete fairly, and protect customer privacy.  

3. The Troublemaker. While rare, these insiders are among the most disruptive in the bunch. There are a few varieties of troublemakers, including a mole or insider for hire. Troublemakers are often profit-motivated, simply selling corporate information. Or they may be engaged in corporate espionage. Maybe they have political motivations, seeking to disrupt or sabotage the company.

What you can do

•  Commend helpful people for their service mindset but also remind them there are criminals who make a living off of taking advantage of trusting folks. Better to slow down and think before sharing
• Be mindful of odd requests from someone you know is leaving soon, for example “I need you to send me a download of..”
•  Don’t confront someone who you suspect of malicious intent. Instead contact your supervisor or security. You may or may not be correct in your suspicions so let the professionals investigate. 

© National Security Institute, Inc.