Ads by TechWords

See your link here
Receive the latest technology news and information.
Security
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

The enemy within

April 22, 2004 12:00 PM ET

Computerworld - On March 23, 2004, an employee at an Anaheim, Calif.-based insurance company was indicted on federal wiretapping charges for allegedly installing an electronic device onto a company computer to record every keystroke made on one keyboard. According to the indictment and a criminal complaint filed earlier in the case, the accused installed a device called a "key katcher" on a computer connected to the Internet that was used by a secretary to the vice president of the insurance company.
This is believed to be the first case in the nation in which a defendant was charged with illegally using keystroke-logger hardware. Such a device is attached to a computer keyboard cable to record every key pressed on the keyboard. Parents use these to monitor the computers accessed by their children, but in this groundbreaking case, the device was used to record keystrokes pressed by company employees.
The insider threat
It has been argued that the greatest vulnerability for an organization arises from security breaches perpetrated by insiders. Since fraud, theft and blackmail can be accomplished more easily by insiders, implementation of employee awareness programs and computer security policies is imperative. These threats can lead to the loss, corruption or unavailability of information, resulting in a disruption of service to the organization's clientele.
Restricting access to information that may be altered or misappropriated reduces this exposure. The institution may be held liable for any release of sensitive or confidential information pertaining to its customers; therefore, appropriate procedures to safeguard that information are warranted. In his Feb. 24, 2004, testimony before the Senate Judiciary Subcommittee on Terrorism, Technology, and Homeland Security, Keith Lourdeau, deputy assistant director of the FBI's Cyber Division, stated that "Insider attacks originate from a variety of motivations (e.g., financial gain; personal grievances; revenge; recruitment; or coercion). It isn't necessarily the motivation that makes insiders dangerous, but the fact that they may have unfiltered access to sensitive computer systems that can place public safety at risk."
Following the tragic events of Sept. 11, 2001, security as a whole has been at an all-time high. Security personnel should know how to handle intruders, bomb threats and other disturbances. It remains imperative that the locations of critical IT assets aren't publicized and that the facilities where they are housed remain inconspicuous. A disgruntled employee may try to sabotage facilities, equipment and data files. Therefore, personnel policies should require the immediate removal from the premises of any employee reasonably considered a threat and the immediate revocation of that employee's computer and facility



Jump to comments

Security

Additional Resources

WHITE PAPER
Approximately 60 percent of data migration projects overrun time or budget, while some fail completely. Download this white paper, "Enhancing Your Chance for Successful Data Migration," to learn the critical steps you need to take to execute a data migration project with minimum cost and risk to your business.
WHITE PAPER
Read the Gartner research note to learn why the TCO of a server-based computing deployment used to deliver all applications to users is around 50% lower than that of an unmanaged desktop deployment.
WHITE PAPER
Economic downturns have a tendency to accelerate emerging technologies, boost the adoption of effective solutions, and punish solutions that are not cost competitive or that are out of synch with industry trends. This IDC White Paper presents the results of an IDC survey of 330 companies in Western Europe, Asia/Pacific and the Americas that measures the receptiveness to Linux and takes into consideration changing views driven by the disruptive economic environment that businesses face today.

White Papers & Webcasts

Share our Strength
Download Now  

Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...

Security Convergence Equals Network Security Cost Savings
Listen to IBM Internet Security Systems' take on network security convergence.

Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...