“Insider” is a Tom Petty song, originally written for Stevie Nicks.  He liked the finished tune so much that he could not give it to her.  Instead, she took on “Stop Draggin’ My Heart Around.”  Insider explores the themes of secrecy, mistrust, and self-exposure.  Petty says inspiration came from a tragic fire started in his home by a stalker who got inside and tried to kill Tom and his family.

The threat of an insider taking down or ruining your business is just as real.  We know of a recent example where a number of employees of a large firm downloaded key materials including price lists, client lists, and procedures for years, unbeknownst to the owner.  One day, they all left and went on their own.  It was all well planned and took a huge toll on the business and its owner.

The Insider Menace Can Take on a Variety of Forms

The insider menace can take on a variety of forms.  One is obviously fraud where the insider is looking for financial gains.  Another is a data leak—planned or incidental—where cybercriminals gain easy access to confidential information which can negatively impact the business.  A third is outright intellectual property theft of proprietary company assets such as copyrights, trademarks patents and the like.  A fourth is internal disruption, purposely disturbing internal information flows and procedures to cause disarray.

No Insider Threat is 100% Avoidable, but There Are Ways to Reduce Risk

No insider threat is 100% avoidable, but there are things that organizations can do to reduce the risk.  The first is to ensure that your employment agreements with staff are up to date and protect you and your business as much as possible.  Secondly, there are a variety of ways an IT provider like IT Radix can employ Data Loss Protection (DLP) software and process throughout your network and workflow.  Finally, a sound, measured approach to Information Rights Management is a terrific way to ensure that only those who need access to key company information and property have it.  Ways to do this included access can only be gained from an internal company IP address, and/or only by logging on to a company-owned, regulated, and managed machine.

There are many more ways IT Radix can help your firm remain protected from an “inside job” and not become the “broken hearted fool” at the center of Tom Petty’s song.  Contact us anytime to make a plan to reduce your risk.

First published in our May 2024 IT Radix Resource newsletter