Spyware Remover: Free Spyware, Adware Removal Programs, Popup Blockers

By Felix P Nater
Contents

1. Workplace Violence Remains a Business Concern
2. The Emerging Threat
3. Case Study

Workplace Violence Remains a Business Concern

From all available research and recent studies, Workplace
Violence continues to be a major business security threat facing
the workplace today followed by Business Continuity/Business
Interruption and Terrorism, Pinkerton Security Survey. Dr. Robert
F. Hester in article entitled: Business Continuity for Small
Businesses said, Safety, security and preparedness aren’t
routinely a focus in our lives. Being on guard is not something
Americans are used to or like doing. Still danger and threat
never goes away; only fades in memory.”

The Emerging Threat

The use of email and the internet by disgruntled employees who
wish to cause a person or a business harm is the new emerging
threat causing business executives considerable angst, so say a
variety of current surveys and research.

While traditional company approaches suggest that the
problem typically deals with the hostile behavior of a
disgruntled employee or the escalation of disputes between
employees; security directors also include the risk posed by
the armed robber and the opportunity criminals as workplace
security concerns.

That was the traditional perspective. Not factored into the
traditional equation is the calculated threat posed by the
“Insider” who has privileged access to the company Intra net,
business email, company files, remote access and management, and
oversight via his or her computer. The advent of remote access
has further muddied the waters.

New, non-traditional approaches to the Prevention of Workplace
Violence and Workplace Security do not disqualify any potential
threat to the safety and security of the workplace, hence the
discovery of new more potent threats. These new approaches
require an analytical perspective that looks beyond the walls and
into the world of minimi!
zed dete
ction and maximum damage.

No longer should responsible officials limit their scope to
preventing escalation of violence between employees; companies
are at risk. New, harder-to-detect methods have arisen for
employees to exact revenge or “make a point”.

One new retaliatory measure at employees’ disposal involves
network “privileged access”. Devastating damage can be inflicted
using such access. While we await the other “Threats from Within
- the Terrorist” to strike, the new “lying in wait” culprit is
the “privileged user” who might be a current employee, former
employee, vendor or contractor with access…who has an ax to
grind or score to settle.

What makes this perpetrator extremely dangerous and drastically
effective is access. The physical access controls that deny
unauthorized intruders do not deny the privileged user access.

“For many years external security threats received more attention
than internal security threats, but the focus has changed. While
viruses, worms, Trojans and DoS are serious, attacks perpetrated
by people with trusted insider status - employee, ex-employees,
contractors and business partners-pose a far greater threat to
organizations in terms of potential cost per occurrence and total
potential cost than attacks mounted from the outside”. (”The
Enemy Inside”, Kristin Gallina Lovejoy, CSO, April 2006).

Following this thought process, one quickly surmises the
magnitude and capability of this perpetrator’s reach. Gone are
days of risking exposure; this perpetrator chooses to wait for
the opportunity, lay a trap, sabotage systems, disrupt operations
and even transfer company files to competitors. “Getting even”
takes on new dimensions.

And so, now we have a new, broader profile and threat to contend
with. The traditional “going postal” profile: Males, 17-60 years
of age, holds a technical position, being married… does not
matter any more.

The new profile is racially and ethnically dive!
rse and
can come
from a broad pool of employees. These are the new suspects.

Case Study:

An employee of a major government agency, feeling victimized by
coworkers and sensing no intervention by management, resorts to
acts of retaliation and revenge.

Initially he adapts to the common threats of physical harm, which
include use of his vehicle, and verbal threats through the
escalatory phases, which included death threats. Fortunately, he
did not ever get the chance to deliver on his believed threat.
While searching the internet for bomb making materials, his
unsuspecting supervisor happened on his computer terminal
accidentally, as he returned from an early lunch. He found the
employee browsing at what appeared to be a bomb-making website.

Sensing a serious breach of user privileges, superiors were
notified and the computer was isolated and confiscated. An
examination of the hard drive revealed an interesting forensic
footprint.

Upon investigation, it was disclosed that the employee was on the
last phase of his bomb-making venture, having left the purchase
of the last ingredients as the last step.

The employee admitted to his actions but denied his intentions.
Because his intent was not clearly established, no criminal
charges were lodged. Suffice it to say, anyone can see the
potential for, and potency of the power of abuse, for a computer
with its built-in tools.

Why does this new approach matter? It matters because the
workplace is the most exposed target for any predator with a
revenge motivation, a terrorist bent or driven by greed and
manipulation. Counterm!
easures
call for a return to astute
vigilance and new policies.

What can you implement immediately? Change passwords for ex-and
former employees. Lock out contractors, vendors and business
partners at the conclusion of official business dealings, and
establish clear policies, guidelines and procedures - with
consequences for breaches and criminal violations.

To efficiently evaluate all visible and camouflaged areas of
risk, create experience-based policy development by consultation
with a qualified security consultant.

When the policies have been set, secure the mindset and daily
habits of managers and employees with follow-up implementation
and education by the security consultant.

Not every company is fated to become a victim statistic in a
publicized study or survey. Use a broad, new approach. In
addition to securing against Workplace Violence using traditional
methods, protect against the new, emerging threats that cause
concerned managers considerable angst, engage a Security
Consultant when necessary, and protect the health of employees
and your business.