Tuesday, April 22, 2008

The insider threat - Lending Tree

We spend so much time and processes protecting against the unknown external threat - it is time we also took the insider threat more seriously. Case in point - the recent news from Lending Tree about insiders giving out passwords to external entities.

Not that the above could have been easily circumvented by technology, but good process and education of employees would have helped. When trusted employees start sharing passwords, things become very dicey.

More process, threats of termination - interesting times ahead...

No comments: