In today's world, it is the internal employee and other internal threats that are the biggest security concerns for any organization. There are a lot of measures to ensure that one is well protected from the external threat but most companies do not concentrate that much on the internal threats. Follow the best practices for to mitigate internal risks. A few of my suggestions: Have a well defined Internal Risk Assessment Program and Group. Ensure that you empower this group with the powers to take corrective measures against errant employees and also that the top management toes the line too. Conduct periodic internal risk audits. It would be better if these audits are sudden in nature. Ensure that all documents and other sensitive data are adequately protected and access to the same is well documented and logged religiously. No compromise/diversion from the existing policies defined whoever may be the person submitting a request. ...
“The computer was born to solve problems that did not exist before.” – Bill Gates