| S | M | T | W | T | F | S |
|---|---|---|---|---|---|---|
| « May | Jul » | |||||
| 1 | 2 | 3 | 4 | 5 | 6 | |
| 7 | 8 | 9 | 10 | 11 | 12 | 13 |
| 14 | 15 | 16 | 17 | 18 | 19 | 20 |
| 21 | 22 | 23 | 24 | 25 | 26 | 27 |
| 28 | 29 | 30 | ||||
- Blogroll (51)
- CIP (132)
- HLD (511)
- HLS Book Reviews (8)
- HLS Conferences (37)
- HLS Exercise (2)
- HLS Products (7)
- State & Local (80)
- Uncategorized (49)
- Warden Messages (3)
- WMD Guides (2)
- August 4, 2010: WIKILEAKS AFGHAN PAPERS KILLING OBAMA
- July 30, 2010: National Security
- July 30, 2010: Massachusetts vs. the Electoral College
- July 29, 2010: IMMIGRATION DECISION WILL ERODE OBAMA SUPPORT
- July 29, 2010: Sheriff Joe Arpaio: I'll Enforce Arizona's Immigration Law
- July 28, 2010: Pelosi, Reid: Divorced From Reality
- July 27, 2010: Counter-Terrorism – Israel Identifies The Perfect Terrorist
- July 27, 2010: Domestic Terrorism Case Shocks Remote Alaska Town
- July 27, 2010: Mexico – Guards Allegedly Released Inmates To Commit Massacre
- July 26, 2010: South Korea (Country threat level - 2):
C I P
C T Specialties
Chem-Bio Guides
Conferences
HLS Publications
HLS Sector
Political
Readings
The Old Blog Archives
Travel Booking
- August 2010
- July 2010
- June 2010
- March 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- February 2008
- January 2008
- December 2007
- November 2007
- September 2007
- August 2007
- July 2007
- April 2007
- March 2007
- July 2006
- June 2006
- May 2006
- April 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
Model Employees May Be The Insider Threat
Several blogs and articles have discussed the increasing reluctance of employees to take vacation time, even if it is mandatory. While reading these articles, I can’t help but notice a lack of discussion about the security implications of this.
Internal investigators will tell you that a employee refusing to take vacation time, or refusing to take a large amount of time at once can be a red flag.
Why?
An employee committing embezzlement, fraud, stealing data or otherwise manipulating books or records needs to have continuous control over those systems to maintain the theft and avoid being caught.
In fact, many aspects of what we consider to be “model” employee behavior can actually be a red flag:
Volunteers often for new projects and duties; particularly in security, finance, or record keeping duties. Often these duties, like processing receipts for reimbursement, are the least desirable duties. After a few volunteer projects, a manager might find that least privilege and separation of duties policies may be being circumvented.
Early in, late out. First in and last out employees have access to files, computers and offices with little or no security or monitoring measures. The employee offering to make coffee in the morning maybe up to something more than making sure the office is perky.
Constantly remaining in touch while on vacation, doing work while on vacation, and working overtime before and after vacation. These may all be attempts at communicating with someone in collusion with the fraud, or at maintaining control over the work product. If your employee insists that he or she completes all work before going on vacation instead of handing over the materials to another employee, this could be cause for concern.
Leave a Reply
You must be logged in to post a comment.