Insider threats

Mitigating internal risks

Method and products

Integration is preferable to separate layers
Identifying the risks presented by insider threats (notably disaffected employees) is one of the biggest responsibilities of physical security professionals. Best practice has now developed beyond a simple succession of linear protections to integrated overview measures that provide defence in depth.

Development of physical security equipment has seen many components become IP-based devices. This encourages enterprise-wide distribution of data and mitigates against single points of failure. But people and procedures remain paramount; they can alert on atypical behaviour that may indicate internal fraud and industrial sabotage by people who already understand the property and processes.

Even in an atmosphere of data-sharing for the overall good of an enterprise, access control should have tight granularity, and personnel should observe atypical staff movement and audit trails with suspicion at all times. Privileges should be on a ‘need to be there’ and ‘need to know’ basis.

While an organisation may wish to give senior executives more or less free range over a whole estate in terms of opening doors with a proximity card, even a novice facility manager will tell you that if control room software shows your CEO trying to enter a server room or hospital dispensary then the likelihood is that his/her credentials have been appropriated.

The ease with which even high-grade proximity devices can be cloned has prompted increasing use of fingerprint and retina-activated access control but false economies, even at mission-critical establishments, continues to pose theats.

Changing threat horizons
Managing disciplines such as video surveillance, access control, biometric verification and perimeter protection in concert rather than isolation constitutes defence in depth. Innovative installers and designers such as SCS think beyond traditional functional boundaries to create robust solutions that develop as the nature of threats evolve.

Exchange of information between senior, vetted departmental supervisors must be multi rather than bi-directional. Our understanding of what constitutes meaningful data needs to broaden. This may expose unexpected corridors of opportunity for internal miscreants that would ordinarily be missed.
A significant development that can protect against the ‘perfect storm’ of a determined, resourceful inside miscreant is physical security information management (PSIM) which produces correlated data from multitudinous sources in a manner that constitutes truly accumulated intelligence.


  • Sector Employee breaches
  • Tags
Back to Top