Monitoring & Review
It is important that the risks an employee may pose are not only reviewed at the pre-employment stage. A programme of monitoring and review should be in place to enable potential security issues, or personal issues that may impact on an employee's work, to be recognised and dealt with effectively throughout their career.
There are different mechanisms to enable this, for example:
- Line management - ensuring line managers are well-equipped to endorse best practice security and engage with their staff to help them understand security behaviours. They play a key role in helping the organisation develop a good security culture.
- Staff vetting reviews - regularly reviewing employees' security clearances helps to keep sight of any significant changes individuals may go through and how these may impact on their organisational engagement.
- Protective monitoring - using the organisation's IT audit logs to understand employee activity and behaviour. Spotting and investigating IT security breaches is the traditional remit of protective monitoring. In addition, subtler changes in IT behaviour may be visible which, when combined with information from members of the Insider Threat Practitioners and Stakeholders, could point to a potential issue.
- Effective reporting/assessment mechanisms - providing confidential mechanisms for individuals to report concerns about any employee (whether permanent, contractors, management, visitors or anyone else with access to an organisation's assets) allows everyone to play their role in reviewing the risk of others working in the organisation.
Existing Products
Security Professionals
- HoMER - Holistic Management of Employee Risk
- Personnel Security and Contractors
- Human Factors in CCTV Control Rooms
- Employee IT Monitoring and the Law
- Reducing Data Exfiltration by malicious insiders
- Employee Assurance Tools
Staff that are vigilant and proactive when it comes to security will make it harder for a hostile to gather information needed to plan an attack. In addition, a vigilant workforce can be promoted as a security measure through your communication channels.
This campaign is designed to help identify employees needing extra management support or attention; recognise any issues early; and intervene before their behaviour becomes a security threat to your organisation. Campaign materials include a briefing sheet, guidance, and codes of practice for individuals and employers, as well as legal and policy considerations.
For access, please email your NPSA Advisor.