Internal threats and the challenge of the remote working

Nearly two years after the COVID-19 pandemic began, many employees continue to work remotely. While working from home brings with it many positives, some negatives should also be considered, as some tools and connections that employees use in their virtual work environments can become an internal threat.

It is known that internal threats, a security risk that comes from within the organization, means a major problem for companies. This is in part due to the widespread use of social media, encrypted communication platforms, and other tools. Now more than ever, the internal threats need to be prevented, identified and neutralized.

When social distancing policies and protocols began to keep people apart, many turned to social media to stay connected. While tool like social networks are highly useful for people to feel more connected, these platforms have also become an access point within the organization because they allow the propagation of confidential information as well as encourage disinformation.

An example of a potential internal threat may be given by the case of an employee, active in social networks, with access to confidential information, who lacks supervision in his daily work and who works remotely. 

A reason why certain employees may act against their own organization is given by the appearance of financial constraints, common in the context of the pandemic. Another reason could be discontent: Certain employees with access to inside information may hold a grudge because they did not get a job promotion, or were not given a satisfactory performance rating, or may be close to retirement. While only one of these factors should not act as a trigger for an irregular situation, any combination of these along with a change in employee behavior should serve as a “red flag” to watch for.

Another challenge relates directly to the somewhat limited supervision of employees working remotely. In this situation, identifying people with potentially malicious inside information is more difficult, largely because face-to-face interactions are limited. 

The company should then ensure that its employees are aware of the risks from:

• Ensure that their devices, both company-owned and personal devices used for work purposes, are always secure.
• Understand that sending sensitive information to an unsecured location in the cloud exposes the organization to serious security risks.
• Comply all the time with security policies and avoid violating them with the excuse of simplifying tasks.
• Make sure your devices are up to date with the latest security updates.

A failure in any of these issues can produce an environment conducive to malicious internal activity.

The internal threat is an organizational threat and therefore must be approached from a holistic perspective. A multidisciplinary team (involving the areas of Legal, Human Resources, Communications, Systems, Compliance, etc.) can serve to address such threats. An alternative is to conduct a risk assessment of the company’s security processes or a threat assessment to the company’s people or assets. Every organization has some level of vulnerability, so it is essential to identify the most critical assets, information, and systems. To identify the people who have access to them and implement controls to that environment to provide greater security.  

On the other hand, an up-to-date training program can help staff and senior management to identify anomalous patterns of behavior. There should also be an anonymous and confidential reporting hotline that allows employees to report misconduct or irregular actions by another colleague. That information will be handled discreetly – to protect the whistleblower and avoid possible retaliation – and, if necessary, action will be taken accordingly to investigate the matter.

It is important to understand the challenges posed by remote working. Virtual working exposes us to an environment of security risks for companies in which employees who would not normally participate in internal threats become more vulnerable to them. Through new technologies, those looking to harm an organization or profit from it are looking for new opportunities to attack.

It is the responsibility of senior management to take proactive steps to ensure that employees are aware of the potential for internal threats and the seriousness with which senior management views the matter. And it is the responsibility of all actors in an organization to remain alert.

At G5 IntegritasLatam we can help you doing a risk assessment of the company’s security processes –tailored to your needs– that includes an analysis of potential threats to people or assets of the same. For more information, you can contact us at: www.g5integritasLatam.com