Consultants and IT personnel have access! Be Careful.

May 14, 2009 — Leave a comment

Still traveling through Australia and today, working in Canberra in the Southeast.  One of my workshop attendees from a session we did in Colorado passed a great story along to me.  A couple of key points here:

–          This story covers a crime committed against Family First Credit Union in Orem.

–          Over a million dollars was siphoned off over the a year’s time

–          The criminal – their IT outsource company;  however, this time it was  a principle of the company

–          The criminal “Would not have been caught”, if the financial person at the IT provider company had not come forward with evidence.

A couple things we should take away from this.

–          First, if you’re providing IT services, make sure you’re company is doing background checks on consultants before hiring them.  Also hire people of outstanding character.

–          Many smaller companies have one IT person (maybe two) who has access to everything.  If they know what they’re doing, they can siphon off money just like this man.  Once they understand the system, they have the rights, it’s not hard.

–          Every company should have controls in place that detect data leakage and misuse.

Check out the full story here: http://www.heraldextra.com/content/view/305595/18/

In another article I received this morning (it’s Friday morning here) from a colleague at Reclamere,  a study showing how often internal people rip off their employers when things aren’t going well.  The study shows that well over half of those asked, admitted that they have taken data, corrupted systems, or committed some type of cybercrime against their employer after being passed up for a promotion, not receiving enough of a raise, or let go.  Read more at http://searchsecuritychannel.techtarget.com/tip/0,289483,sid97_gci1356147,00.html

Advertisements

No Comments

Be the first to start the conversation!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s