5 ways to prevent insider threats

1. Segregation of duties

Regardless of whether a threat is intentional or unintentional, segregating duties remains one of the most reliable ways to reduce fraud risks and data insecurity. Unfortunately, according to Eftsure survey data, 40% of organisations do not have a segregation of duties policy, potentially heightening their chances of an insider incident.

But what is segregation of duties? Basically, it’s an approach in which accountability is diffused across multiple team members, ensuring that no single employee has central authority over sensitive processes like authorising transactions. This might mean assigning responsibilities like approvals, invoice processing or bank reconciliation to separate employees.

According to auditors – specifically, the Auditing and Assurance Standards Board – inadequate segregation of duties can make your business more vulnerable to misappropriation of assets.

By dividing responsibilities and tasks among multiple individuals, leaders make it a lot harder for a single person to commit (or conceal) fraudulent activities. A system of checks and balances safeguards your organisation and can help flag potential issues before they result in severe damage or financial losses.

2. Monitor activity and create audit trails

Especially if you need to detect or prove a potential insider threat, it’s important to have records of employee actions and access. Look for solutions that flag suspicious behaviours and can help you retrace users’ digital actions.

Of course, you’ll want to strike a balance between critically necessary audit trails and over-surveillance. Fortunately, the right technology solution can help you neatly partition user responsibilities and record employee actions within sensitive processes – without making employees feel constantly watched.

3. Lean on technology

Technology can play a crucial role in enforcing segregation of duties within organisations, particularly in mitigating risks associated with payment fraud and error. Leveraging technology not only automates and simplifies the enforcement of segregation of duties but adds a layer of security and auditability that manual processes typically can’t achieve.

These include:

Workflow management

• Approval processes. Automated workflows ensure that different stages of a process can be approved by separate individuals. For example, one person might set up the supplier, another to review the payment, and a third to process the payment.

Automated controls

• Role-based access controls. Customisable roles and permission that limit which actions and approvals a user role can take within the workflow process, ensuring that no single person has control over all parts of a financial payment transaction.
• Access restrictions. Manage specific user access parameters and enforce restrictions where needed, preventing access to sensitive operations or data beyond a user’s role requirements.

Reporting

• Audit trails. An internal audit trail that automatically logs all transactions, users IDs and timestamps and makes it easier to track who did what and ensures accountability and transparency.

Eftsure’s solution can help with all of the above. Request a demo to see how Eftsure mitigates your insider threat risks. 

4. Consider people and culture policies

Working with HR, or people and culture, teams can help you mitigate risks associated with disgruntled employees, negligence or improper training. We know from research that many insider incidents stem from unhappy employees – those who feel they’ve been mistreated or passed over for promotions, for instance.

Minimising these risks means working with people and culture specialists to refine your onboarding and offboarding policies, documentation and policies around career progression, and quantitative measurement like NPS scores or qualitative evidence like Glass Door reviews.

5. Know the warning signs

With the right processes, culture and technology solutions, you can build a zero-trust environment that eliminates the need to constantly micro-manage or second-guess your people. But no system is 100% infallible – it’s still important to keep an eye out for red flags.

Warning signs include:

• Unusual access or activity times. Implementing a segregation of duties policy can bar employees from accessing systems or information they shouldn’t, but it’s another reason why user monitoring is important – you’ll need to keep an eye out for employees accessing (or requesting access to) systems that aren’t part of their usual responsibilities. Even if an employee has appropriate access permission, watch out for unusual hours, such as someone accessing a network remotely late at night.
• Unusual levels of data transfer. Work with your IT team to understand if and when employees are transferring or downloading unusually large amounts of data. This can be an indication that a worker is sending information somewhere they shouldn’t.
• Stressed or upset employees. Of course, this one is critical regardless of whether you think an employee could pose an insider threat – and it’s another reason why it’s important to work closely with people and culture leaders. They can help if you notice that an employee is expressing lots of scepticism about their role, workplace or colleague, or help you step in if someone on your team seems to be experiencing inordinate amounts of stress.