Companies should be prepared for employee sabotage

A recent case of employee sabotage is the tip of the iceberg, according to one expert.

Richard Brain, technical director for ProCheckUp, claimed that the case with Wand Corporation highlights the threat of internal attacks. He has warned that as the world is experiencing an extended recession and IT and other staff are being made redundant, the risk of sabotage from disgruntled employees is even greater in 2009.

David Ernest Everett Jr. admitted to intentionally damaging a protected computer at Wand Corporation after being fired, when he launched a ‘malicious software attack' on the computer systems of Wand's clients. He also admitted to creating three malicious files designed to crash the computer servers.

Brain claimed that human resource procedures and security systems need to be in place to cope with the increased risk from internal attacks, as they are responsible for running background checks and vetting new staff members, with staff managers closely monitoring staff work quality and performance.

He also believed that any staff members with high level or administrative network privileges will require more in-depth vetting procedures and more frequent reviews.

Brain said: “It is important to have a humane human resource approach to redundancy, though procedures have to be in place for staff with high level access to be escorted from the building if the circumstances demand it.

“Procedures have to be in place between human resources and IT management to communicate any changes in staff roles, to ensure that all appropriate permissions and access are revoked and known administrative passwords altered. At the same time, procedures to deal with the ex-staff member workstations and email backup and hand over to other staff members need to be followed.”

See original article on scmagazineus.com