True story (or so I'm told): With Web mail accounts strictly prohibited by corporate policy and the ban enforced by filtering software, the potential customer assured technicians from Reconnex there would be no need to check for this particular security threat as part of the vendor's free 48-hour e-Risk Rapid Assessment.
No harm in checking anyway, the techs assured their prospect.
And, of course, they did find Web mail, the first of which bragged: "Hey, I finally figured out a way to get around this ban on Web mail."
Author Dan Verton, a former US Computerworld reporter, has collected buckets full of such tales -- many of them far more serious, some downright criminal -- in his new book entitled The Insider: A True Story. While every IT professional already knows that security threats from within are often more dangerous than those kept at bay by firewalls, the book shines a spotlight directly on the depth and breadth of the problem.
There are examples and anecdotes aplenty plucked from today's headlines and recent history. But the book's most telling tales are gleaned from the first 50 of those risk assessments conducted by Reconnex, a start-up headed by veteran entrepreneur Don Massaro.
"This is real live information taken from large companies and agencies, and in some cases where the person doing the criminal activity has not been caught," says Verton, whose previous books include Black Ice: The Invisible Threat of Cyber-Terrorism.