Insider Threat Study: Significant % of insiders willing to steal data, and sell data for profit

If you ever needed convincing that the insider threat is real, check out this article in InfoWorld.


A few of the key findings from the study:

  • Of those polled, 22 percent of US, 29 percent of Australian and 48 percent of British employees who have access to their employer's or client's private data indicated they would feel comfortable doing something with the data, regardless of whether that access was intentional or accidental.
  • Nine percent of Americans, 8 percent of Australians, and 24 percent of Britons admitted they would copy electronic data and files to take with them when they leave a company.
  • 5 percent of American and 4 percent of Australian employees with access would feel comfortable profiting from proprietary information by selling it on the Internet, while 24 percent of British employees with access said they would feel comfortable selling data.

Not sure why the figures for UK employees are so much higher. I'll refrain from speculating lest I upset my friends in the UK.

This related article from CSO which discusses the authorized insider threat is worth a read as well.

CipherPoint's takeaway from this: your sensitive information and crown jewels have always been most at risk from insiders, whether authorized ones stepping out of bounds or unauthorized ones. Despite the rash of hacking for profit, advanced persistent threats, hacktivism, etc., this is still true today, and likely always will be.

Security controls, including process controls aimed at people (like background checks), detective controls (such as DLP and audit logging), and preventive controls (like encryption for sensitive content), should be fundamental to your security program. If you fail to think about insiders as potential threats, you may be in for a surprise down the road. And it's not just WikiLeaks and state secrets we're talking about here; it's valuable IP, customer lists, employee payroll files, EPHI, customer financial data, files containing credit card data, and other sensitive information: the stuff that all corporations have, and frequently store in unstructured data file repositories.

And yes, this includes collaboration and content management platforms like SharePoint, and it includes cloud collaboration platforms such as Yammer, SharePoint Online, Box.net, Dropbox, and others.


JD

