Five Steps to Preventing Insider Data Breaches
Follow these best practices to help reduce your risk of an insider data breach.
One of the biggest risks any company faces comes from the inside: its own employees. But how is a chief executive or a risk manager supposed to address that risk if he or she can't pinpoint the employees who commit fraud?
Last week, the Association of Certified Fraud Examiners released its 2010 Report to the Nations on Occupational Fraud & Abuse, which is based on the results of a survey of members who investigated fraud cases between January 2008 and December 2009. Among other things, the report includes a profile of the "typical fraudster."
More often than not, the employee who commits fraud is male, between the ages of 31 and 45, and works in one of six departments: accounting, operations, sales, executive/upper management, customer service or purchasing. Moreover, these workers typically have not committed a fraud offense in the past. However, they do often provide behavioral clues to co-workers or managers of possible fraudulent conduct.
Fraudsters exhibit behavioral warning signs of their misdeeds. It's important to remember that this human element of fraud (demonstrated in red flags such as living beyond one's means or exhibiting control issues) is not identified through an audit or other traditional controls. This is why the staff at any organization should be trained to recognize these and other common behavioral signs that a fraud might be occurring. Moreover, they should be encouraged not to ignore such red flags, even when discovered by accident, as they might be the key to detecting or deterring a fraud.