By Coby Royer, Technical Product Manager for Symplified

Oct 11 2009 - I'd like to applaud some of the recent points that resonated with me raised by Richard Stiennon in his post, "Identifying and Countering the Insider Threat".

For a long time I have been recapitulating concerns to enterprises about managing the internal threat.

And with the recent economic downturn, layoffs and other sources of employee dissatisfaction are increasing the risks from internal threats. The fact is, corporate management must pay attention to the insider threat and implement policies and controls to manage it.

What to Do?

The one message I'd like to leave our readers with is well stated in Stiennon's article: "Identity and Access Management tools are the single most valuable defense you have against the insider threat."

Authentication

Employ authentication strength that is commensurate with risk and which complies with applicable rules and regulations.

Whether this means passwords or MultiFactor Authentication (MFA) such as biometrics or smartcards, be sure to invest in appropriate technologies and train your user base on tools and policy.

Provisioning

Be sure your processes and tools for the creation, removal, and management of accounts do not leave you exposed.

Entitlements and accounts for former employees must be revoked as quickly as possible. Use approval and/or attestation workflows and role based access control (RBAC) wherever possible.