- Determine what high value items exist: classified information, personal identifiable information, technical data, proprietary data, etc.
- Determine where high value items exist: security container (s), location in building, in computers, in warehouse, etc.
- Identify who has access to the high value items by name and location
- Use technology or locking devices to prevent access to unauthorized persons: GSA Security container, high security locks, password protection, segregated networks, segregated computers and hard drives.
- Control access to printers, faxes and computers. System administrators, ISSMs, ISSOs and others can use technology to limit downloads, print jobs, copying and etc. Technology can monitor and approve who conducts these tasks, time of day, and amount of data transferred.
- Require permission to access high value items: An employee’s use of information technology should be treated as a privilege, approved, monitored, audited, by and authority and violations reported.
If you would like more information on insider threat training, just visit http://www.redbikepublishing.com/insiderthreat/
Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training".