For the corporate network, the greatest danger comes from within: the IT department employees who built it, changed it, and know more about the network than anyone else in the company. When the system administrator starts to “stumble” to steal information, set full access everywhere to plant or “logic bombs” in the databases, it is he who employs himself to eliminate the threat. In some cases, managers pressure IT specialists to violate company policy, further insisting that the reasons would be an “emergency.”
A study on US soil conducted by Verizon and cited by PC World, 48% of information leaks are due to people within the company. In 90% of IT specialists, a company is guilty of such violations, deliberate and malicious actions.
The same study also shows that in 24% of domestic crime cases, those involved left the company, either because they were fired, or because they submitted their resignation.
To control the “curiosity” of employees of the IT security department, experts recommend installing monitoring software for the privileges granted to the company.
User monitoring
It starts even before the employment of network and system administrators. They must check to determine if they have been involved in such crimes.
Once compromised, they should generally not be granted more access rights than they need.
Checking the employees who leave the company announced that
Many security breaches have occurred as a result of the fact that access was restricted to employees who did not want to leave quickly enough.
Employee Monitoring for Known Online Violations
In most cases, misdemeanors will lead to crime in their own right. According to the study published in Verizon, what has harmed employees began with the little things, out of curiosity.
Software used to analyze log files
Security specialists say that in most cases, malicious actions can be detected by studying log files. Write log files (log) recording system activity and related applications.
There are three signs that indicate network anomalies: when there is an unexplained amount of information in the log, when very long lines appear within the log, or when the login formation suddenly disappears.
Inform your employees about the threat from within
Security specialists recommend training IT employees so they know about internally generated security issues and how they can tell when the offenders are peers.
The best way to combat malicious behavior by a network administrator, experts say, is to educate colleagues on the trail.
These are just some details that the employer must inform their employees about this risk, for good security in your company you must know “”rules” like this for your own protection and also for your company, be very careful with these details because after you will regret not having time to inform yourself and your employees as well, problems can come and you will never know how to solve them if you are a hobbyist and keep making the same mistakes information you can also visit the two sites I give you below.