E R T N
P
X
E INIO
OP
employer can quickly learn about such
situations and take actions to counter
them correctly.
The risk officer of a retail service
company detected that a sales manager
expressed dissatisfaction with the tasks
and working conditions in conversations
with his colleagues.
The employee even talked about leaving
the company for competitors. An
investigation was launched to prevent
data leakage because the employee
had access to client databases and
confidential documents. It turned out that
the employee was an experienced and
diligent worker but hadn’t had a salary
rise for two years. The head of sales
talked to the employee and solved the
problem – the salary was raised and the
scope of tasks was amended.
This situation could be solved with the
help of data encryption and access
rights control. However, if a company
wants to save valuable employees and
return them to their workplace with
a more positive outlook, it needs to
perform employee loyalty monitoring.
Profiting from corporate
resources
Unfortunately, the use of corporate
resources for personal benefit is a
common thing. An employee might
get access to confidential data but an
42
abnormal event detection system will
minimise negative impact.
One of our clients had a high-
profile incident.
The information security department
of a development company found out
that one of the employees installed
Photoshop on his PC, which wasn’t a
necessary software to perform duties.
The system also raised an alert about
the constant copying of commercial
offers. An internal investigation revealed
that the sums of money in these
documents were falsified: changed to
bigger ones. Thanks to abnormal events
monitoring, the company was able to
detect the fraud scheme.
Internal corporate risks
prevention
Understanding the influence of the
human factor on a company’s processes
is already half the work done, but to
make a success you have to ensure an
integrated approach to risk management.
And to perform this you need to answer
the following questions:
Who is in charge of risk
management in your company?
One aspect of the risk management
landscape is the responsibility of
organisations and their employees. In
A company has to
implement a solution
that includes the
features of EMS and
DLP with modern
forensic technology
and a wide range
of reports.
Issue 10
|
www.intelligentciso.com