With cyber-attacks and data breaches on the rise, data security is more critical than ever, irrespective of the size and nature of your business. And while the threat from external sources is undeniable, it is equally important to turn your gaze inwards, to the risk of insider fraud and mishandling of data - both too often neglected in security and prevention strategies.
An insider threat can be a current or former employee, service provider, supplier or contractor, or anybody else that may be able to gain access to your confidential data. These individuals are likely to have access to sensitive information, often with the responsibility to protect it, leading to severe consequences if it turns out they can't be trusted.
However, not all internal data loss occurs from intentional acts of insider fraud, with frequent cases of employees casually mishandling data, whether through sending documents to personal e-mail accounts, downloading data to their personal device or using insecure apps for their work. Employee turnover can also lead to data loss, where former employees intentionally retain confidential information to use in their new role or business.
So, what can you do if you suspect an employee is committing data fraud? Here's a few steps you can take:
If you identify a breach and suspect insider fraud, prepare an investigation plan with the help of either your in-house lawyer or external legal expertise. This will provide a structure and accountability for the investigation, while also helping to protect you if you face litigation or regulatory action later.
Next, try to identify and collect evidence covertly of what caused the breach, including what information has been accessed and how, reviewing emails, telephone records and software logs for clues as to what has happened.
Consult your lawyer to decide whether you need to contact any regulatory bodies such as the Information Commissioners Office (ICO) or the Financial Conduct Authority (FCA), if you are a financial services business.
Consider the potential reasons the information may have been stolen, whether for monetary gain, or another motive. This will help you ascertain whether the data is retrievable or not – and if so, how.
Consider carefully when is an effective time to interview the employees involved. If the interview is carried out too early you may not have enough evidence to prove the offence, and if it's too late you may miss your chance to contain the breach.
Make a decision on how to retrieve the data securely. In some cases, just the threat of action will be enough, but if not, the law is there to protect you. With sufficient evidence you can obtain a search and seizure order.
Most importantly, learn from the incident and consider changes that can prevent future breaches, whether that means closer monitoring of employees, updated security software, or different usage controls.
Unfortunately, insider fraud and misuse of data within the workplace are on the rise, with the Kroll Global Fraud Report showing that 81% of companies affected by fraud reported insider perpetrators. It is therefore vital that businesses are aware of how to protect their data and then act quickly if a breach does occur. Otherwise they could face serious financial and reputational repercussions.
To find out more on how you can cover your company call us or click here.