Disgruntled Employees: IT’s Worst Nightmare

By Serkan Cetin, Regional Manager, Technology & Strategy, One Identity APJ

Credit: ID 124787060 © Valeriy Kachaev | Dreamstime.com

Monsters, spiders and clowns are some of the things that keep people up at night. That is, unless you’re an IT professional. For IT professionals, the nightmares are much scarier and not to mention costlier. The 2018 One Identity Global Survey found that IT professionals in Australia and around the world felt their biggest identity and access management fear was disgruntled employees accessing and sharing sensitive information.

The chance of a disgruntled employee having access to sensitive data is common and often overlooked. The 2018 Global Survey showed 77 per cent of Australian security professionals felt sensitive information was easy to steal, and only their morals prevented them from taking information. With that said, 7 per cent of Australian IT professionals said they would probably steal an organisation’s data if they were mad enough. The reality is it only takes one employee with privileged access to cause chaos for IT teams across a business.

Information is the lifeblood of many organisations. Whether it’s confidential business information, lucrative research and development plans, or the personal data of other employees and customers, businesses have a responsibility to stakeholders to keep any sensitive data out of the wrong hands. While executives can’t control the emotions and motivations of their employees, they can put processes in place that reduce the risk of information being exposed.

Considering many organisations still have no way of knowing if users retain access even after they’ve left the company, IT teams must take steps to reduce the damage a disgruntled former employee can cause. IT teams can reduce shared privileged account access, implement processes to quickly shutdown ex-employees access, and adopt automated services to avoid situations where ex-employees accidentally maintain access to confidential and privileged systems.

All employees are unique individuals

Employees are all individuals and should be identified as such. It’s too common for employees to share passwords for privileged accounts. When employees share logins, they are sharing identities. This makes it difficult for IT teams to identify who is accessing the account at any one time. If a disgruntled former employee decides to access a shared account, IT administrators will be none the wiser because the users will be logged-in on an account which normally has privileged access.

Ensuring employees are given individual logins to any privileged information, rather than sharing log-ins, will help IT teams to identify if a disgruntled ex-employee has attempted to access privileged information, and quickly remove their access.

Lock them out fast

Organisations need to be able to deprovision users within minutes of them departing the business. However, some organisations don’t have systems in place to effectively deprovision users within a day, yet alone minutes. Organisations must be vigilant in developing processes to deprovision users from all services quickly. While a manager may complain if a new employee does not have access to their email for a few hours, generally no one complains if an ex-employee still has access to their emails or logins.

Alternatively, IT systems must make it quick and safe for employees to reset their access in the case of forgetting their login details or locked out for other accidental reasons. While the speed in which employees can be given access to their work stations is an often overlooked issue, over one-third of employees say it takes at least 10-30 minutes for their password to be reset. That’s 15 minutes that an employee could be doing their job, instead of having to speak with someone from IT to work towards unlocking their computer.

Embrace automation

Automation should become an IT department’s best friend. This is especially useful in the deprovision process, allowing deprovision to be instant, and ensuring the former employee is removed from all systems, rather than an IT team accidentally missing a service.

In addition to that, organisations should not forget third-party contractors that may need privileged accounts for a period. An effective identity & access management platform will assist IT teams by keeping track of all users with any type of access and providing organisations with the tools they need to manage that access.

Sweet Dreams

It is paramount that organisations know who has access to privileged data, and when they are accessing it. By implementing effective identity & access management controls, IT teams can ensure their sensitive information is safe from former employees and contractors who have ended their project. Executives should ensure each employee has an individual login so IT administrators can easily identify who is accessing privileged accounts, and develop processes that de-provision ex-employees within minutes. Artificial intelligence can be utilised to improve the capabilities of these services, where the service can learn a user’s behaviour to detect anomalies or suspicious behaviour. With these tools in hand, IT professionals will be better equipped to fight off the evil creatures that hide under their bed.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
CSO WANTED
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags data protectionIT trainingartificial intelligence (AI)

More about AustraliaMonstersOne Identity

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Serkan Cetin

Latest Videos

More videos

Blog Posts