Protecting Against Insider Threats

When you visualize what a computer criminal looks like, you probably think of a teen-ager living in his mother's basement, or a shady-looking character in a lawless country far away. But if you want to know what the most dangerous computer criminals look like, take a look at the guy sitting in the next cube.

In a feature report this week, InformationWeek reporters Larry Greenemeier and Sharon Gaudin look at insider security threats -- how disgruntled employees can do a lot of damage. Nearly two-thirds of security pros surveyed say that insiders account for some portion of financial damage to companies, according to a survey by the Computer Security Institute. Some 39% of respondents attribute more than 20% of their organizations' financial losses to insider attacks, while 7% estimate that insiders account for a whopping 80% of financial losses, according to Larry's article, which looks at the extent of the insider threat problem and how you can defend yourself.

Sharon looks at why you should be doing background checks of employees,, as well as what to look for when doing the checks and how to set up a program of background checks so it's fair to the overwhelming majority of employees and job candidates who are not threats -- who're just looking for an honest day's pay for an honest day's work.

For an audio overview of what we found, listen to the InformationWeek podcast.

Are insiders a big threat? What do you think organizations should do to protect themselves? Are background threats overly intrusive?