Posted in Threat Intelligence by Derek Smith on January 29, 2015

Many organizations believe that once they hire a new employee or contractor, the person is automatically part of a trusted group of people within the organization. This new hire is given access to sensitive company information that an ordinary person would never have. But why do they suddenly trust this person? Many organizations don’t perform background checks or reference checks and as long as this prospective employee is liked by the hiring manager, they are hired.

The problem with this is that many people may not be who they say they are or who you think they are. Not adequately validating these individuals’ backgrounds can end up being a costly, if not devastating mistake for your company. These people being hired are complete strangers, yet they are given access to your critical business information.

Think about it—if a competitor really wanted to do damage to your business, steal critical secrets, or even run you out of business, all they have to do is find one of your job openings, prep someone to pass your screening process, have that person get hired, and they are inside your business. The fact that it is this easy should scare the daylights out of hiring managers.

Do you think this is far-fetched? Let me inform you that according to Dr. Eric Cole and Sandra Ring, authors of Insider Threat: Protecting the Enterprise from Sabotage, Spying and Theft, this is a common practice among some foreign governments. They will plant a spy against a nation or organization and use their knowledge of the company’s hiring criteria to prep the “spy” for employment. Even if the potential employee has to pass a polygraph exam, he or she can be prepped to pass that, too. Once hired, this individual becomes a trusted insider and can cause serious damage to your organization.



So what can you do to prevent this type of activity within your organization? Examine your hiring practices! Your organization’s approach to reducing this kind of insider threat should start with your hiring process. Background checks should be conducted to reveal previous criminal convictions. Additionally, a credit check should be performed, and credentials and past employment should be verified. When verifying past employment, don’t just get verification that the prospective employee worked there: if possible, include discussions with prior employers regarding the individual’s abilities and approach to dealing with workplace issues.

Prior to conducting background checks, ensure that you consider your particular legal requirements, such as the Equal Employment Opportunity Commission’s (EEOC’s) best practices and state and local regulations limiting the use of criminal or credit checks.

The bottom line is that organizations should require background checks for all potential employees as well as contractors and subcontractors, and they should be investigated thoroughly as a preventative measure for insider threats.

Cole, E., & Sandra, R. (2006). Insider threat: Protecting the enterprise from sabatage and spying and theft. Rockland: Syngress.

 


Comments

07/11/2016 7:43pm

This is really helpful. Companies must create high degree of screening before hiring a new applicant. The risk is high, safety of any confidential information about the company might be in danger. There should be a long process before a new employee can access system and restricted data. Once you've read this, you will surely think right after then. This is an urgent and important reminder to work on.

Reply
09/20/2016 5:48am

College life is about having fun along with completion of a very important part of life before to get a job. So, to focus on other activities, there are many online writing experts to help college students regarding their assignments.

Reply
12/19/2016 12:24am

All I can say is that I trust nobody) Only my family. Can't trust no one at my work)

Reply
01/24/2017 2:09am

My co-workers are pretty reliable. I can say I trust them. What about you?

Reply
02/07/2017 8:28am

Reply
02/09/2017 12:25am

Reply
02/19/2017 2:08am

This savvy move can get a decent home credit in time with no troubles. In addition, in the event that you have over five years of working knowledge then you can pick the home credit with low loan fees as well. In this way, look through your working knowledge before applying for a home credit.

Reply
05/09/2017 2:47am

http://jkbose.2017resultnic.in/jkbose-12th-result-jkbose-co-in/

Reply

Some really useful slides here. I've been looking for something like this to help with a research piece I've been working on.

Reply



Leave a Reply

    Author

    I am an expert on cyber security and business leadership with doctoral level training.  I am also an author, speaker and trainer.

    Archives

    April 2015

    Categories

    All
    Cyber Security

    View my profile on LinkedIn