Monday, April 6, 2009

Monitoring and Preventing Insider Theft

In the course of identifying and preventing potential identity theft incidents, it is important to consider how the information could be used for ill-gotten gain. It is also important to know how that information is accessible. For especially valuable information, it is reasonable to expect outsiders to try to gain access to this information: the call center inquiry into changing an account’s physical address, the phishing for weaknesses in procedure… but what of the insiders who have greater access to the precious information?

Blue Lance recently blogged on the vulnerability of the information security firm Symantec and its recent insider theft incident. This shows how any firm, ANY, is susceptible to insider theft. A robust continuous controls monitoring platform, especially one that considers disparate data sources, could have identified patterns between in-bound calls and account inquiries by customer service reps, providing an early warning for inappropriate behavior. Actimize is a software vendor with an innovative application for monitoring call centers, primarily in the financial services space, and this space is one with increasing competition.
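The correlation between in-bound calls and account inquiries described above can be sketched as follows. This is an added example, not code from Blue Lance, Actimize or the author; the record layout, rep and account identifiers, and the 15-minute window are assumptions, and the sample data is constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

FMT = "%Y-%m-%d %H:%M"

# Constructed sample data (hypothetical layout: timestamp, rep_id, account_id).
# Inbound calls as recorded by the telephony system.
CALLS = [
    ("2009-04-06 09:01", "rep17", "A100"),
    ("2009-04-06 09:20", "rep17", "A101"),
    ("2009-04-06 09:05", "rep22", "A200"),
]
# Account inquiries as recorded by the account application's audit log.
INQUIRIES = [
    ("2009-04-06 09:02", "rep17", "A100"),  # follows a call
    ("2009-04-06 09:21", "rep17", "A101"),  # follows a call
    ("2009-04-06 09:40", "rep17", "A555"),  # no call for this account
    ("2009-04-06 09:06", "rep22", "A200"),  # follows a call
    ("2009-04-06 11:30", "rep22", "A200"),  # long after the call ended
]

def unmatched_inquiries(calls, inquiries, window_minutes=15):
    """Return inquiries that no inbound call explains: no call handled by
    the same rep for the same account in the window before the inquiry."""
    window = timedelta(minutes=window_minutes)
    calls_by_key = defaultdict(list)
    for ts, rep, acct in calls:
        calls_by_key[(rep, acct)].append(datetime.strptime(ts, FMT))
    flagged = []
    for ts, rep, acct in inquiries:
        when = datetime.strptime(ts, FMT)
        # An inquiry is explained if a matching call started 0..window earlier.
        explained = any(timedelta(0) <= when - call <= window
                        for call in calls_by_key.get((rep, acct), []))
        if not explained:
            flagged.append((ts, rep, acct))
    return flagged

def alerts_per_rep(flagged):
    """Count unexplained inquiries per rep, for review prioritisation."""
    counts = defaultdict(int)
    for _, rep, _ in flagged:
        counts[rep] += 1
    return dict(counts)

if __name__ == "__main__":
    for row in unmatched_inquiries(CALLS, INQUIRIES):
        print("unexplained inquiry:", row)
```

A flagged row is a lead for review rather than proof of theft; legitimate back-office work would need its own data source (for example a case or ticket log) joined in the same way.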

Enterprises should consider the access and use of company information by company employees as valid transactions that require monitoring. When an employee (or outsider!) begins accessing credit data that is outside of his typical area of responsibility, this should be a warning. While this may occur less frequently than outsiders’ attempts to steal an identity, the magnitude of a successful theft is much more significant.

Joe Oringel
Visual Risk IQ
Charlotte NC, USA
