How up to date is your insider threat program?

Recent IT security story headlines have focused on network breaches that have led to the capture of millions of pieces of personally-identifiable data.

However, insider threats are still a prime source of problems for enterprises.

One only needs to think in this country of the theft of military secrets by Royal Canadian Navy Sub-lieutenant Jeffery Delisle, sentenced last year to 20 years for selling data to the Russians for almost five years, as a prime example. Another is the loss of data by Elections Ontario staff — apparently an accident, but an insider problem nevertheless.

So a piece in Computerworld U.S. reminding enterprises of the need to be vigilant about data leakage from employees is timely.

Insider threat programs are a combination of best practices, software and dedicated staff looking for possible problems and regularly reminding employees of their responsibilities. But as the piece points out, for any strategy to have muscle the CIO/CSO has to gain support from the top of the organization.

This is particularly important in an era of cloud computing where business units can by-pass the controls that CIOs/CSOs wish to impose on staff.

Another vital piece of a strategy is to form a team from many departments that will understand the needs of staff, partners and others who potentially touch corporate data. IT has to make every effort not to institute policies or procedures that impede productivity and innovation, a vendor quoted in the story rightly says.

A former chief information and security officer at the CIA notes that some solutions are as simple as removing access to sensitive files to only those who need it. Legacy programs written in early versions of C that require users to be logged into Windows environments with administrative privileges, are ripe for fixing. “If they need to run those applications on the internal network, then don’t allow them to connect to the Internet,” he’s quoted as saying Bigman.

IT also can isolate these vulnerable applications by putting them in a virtual environment with a sandbox, in effect isolating them but still providing access to the Internet while protecting them from exploits, the article also notes.



Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web