Sophia Logica's Original Blog
Insider threat is an expansive affair for companies where information is vital for business. "In an embarrassing episode for Morgan Stanley, the bank dismissed an employee earlier this year for taking information about an estimated 350,000 clients of its wealth-management division [Bloomberg 12 March 2015]." The dangers of hiring a Trojan Horse is ever-present in this business.
Professional Input
This Bloomberg article had given some insights on corporate espionage. It reported that about 20 companies sell tools to monitor employee behavior. Dune Lawrence, Bloomberg's journalist, interviewed some players that sells software to spy on your employee. Most of them were former FBI agents and their inputs can be used to understand the espionage game.
Financial Stresses
Stroz Friedberg, a New York-based consulting firm, specializes in digital forensics. They use linguistic and behavioral analysis techniques developed by the FBI. It evaluates the content of employees e-mails and other communications. Warning will be triggered if terms indicating financial stresses were encountered. "Late rent" or "medical bills" are cited as instances of keywords the software seeks.
Behavioral Patterns
Employees activities were monitored to create a profile of each employee and establish a "normal" behavior. Suspicious activities will be flag when there is a deviation from the norm. An algorithm is used to place to risk score for users based on what danger they may pose to the organization. Employees getting ready to leave with highly sensitive data start doing things they hadn’t before, such as changing their e-mail habits or downloading thousands of documents from a database.
Privacy Issues
Edward Stroz, founder Stroz Friedberg and a former FBI agent, says companies have found this idea too intrusive in the past but the perception had changed in the past year. Like it or not, competitors will send spies to get information from the inside. They also prey on dissatisfied employes or those with financial stresses. Some form of monitor is better than none at all. Conscience had Securonix, a spy on employee software firm based in Los Angeles, raising the question on how much is too much. Dune Lawrence recorded Igor Baikalov, a former security executive at Bank of America and chief scientist at Securonix, with this dilemma.
My Comments
Being put in charge of monitoring the software's red flag is a crummy job. If you get a person who has a nosy attitude they would be interested in the gossip. One who is not will be bored until something concrete comes a long.
No comments:
Post a Comment