If media reports on the alleged embezzlement by an employee at Wipro are to be believed, insider threat seems to be emerging the biggest challenge for the IT companies.
In the Wipro incident, it is alleged that the fraudster, a qualified chartered account who was employed with the company’s ‘controllership’ division in the finance department managed to siphon off around $4 million from the company’s bank account by accessing a colleague’s password.
This report once again lends credence to the belief that a good proportion of the frauds and security incidents are being caused by the insiders of the enterprises – either disgruntled staff or greedy techies or sacked employees.
Lack of well-defined internal controls and access restrictions generally pave the way for security incidents. It is also increasingly becoming clear that stolen identities are serving as the ‘hacking channel’ for many cyber-crimes/frauds and improper management of the administrative passwords could potentially remain at the root of a good number of security threats.
How do we avoid cyber threats / frauds?
Not all security incidents could be prevented or avoided; But, the security incidents that happen due to lack of effective internal controls are indeed preventable. Enterprises should take preventive action to combat cyber-criminals and to ensure information security.
One of the effective ways to achieve internal controls is to deploy a Privileged Password Management software that could replace manual processes and help achieve highest level of security for the data.
Read this paper “Combating Cyber Security Threats” from ManageEngine Password Manager Pro for more details and share your feedback.