Monitoring employee activity should work 'like a heartbeat monitor', argues Forcepoint

But don't forget employee happiness, too

Employee network activity monitoring can work without upsetting or demoralising staff, and should function "like a heartbeat monitor", security firm Forcepoint has argued.

Speaking on a Computing web seminar entitled "Tackling insider threats without becoming Big Brother" this morning, Forcepoint director of products and solutions Mike Smart explained how best to minimise insider threats.

"For me, monitoring is a good place to start, [though] you absolutely have to be able to put technology in that can be configured," he said. "There are some organisations, because of the level of risk, who'll want more context of what's going on, but there's also a control element - do you want to enforce policies as well as see what's going on?"

Smart compared good monitoring to being like "a heartbeat monitor".

"It's always on, but only when things change do you start asking questions. That's useful when you have clear use cases about what you want to protect," he said.

"So once you've figured out the 'personality' of the data [i.e. its function and context], you can apply certain controls to manage and reduce the risk, and that allows a more flexible approach."

DLA Piper LLP senior associate Katherine Gibson argued that a healthy company culture in which users are treated with respect can help to reduce insider threats.

"Organisations should have policies in place, but ensuring they're complied with is also important," said Gibson.

"There needs to be a live document used by the company," she continued, before adding, "but employee satisfaction and happiness is one of the best ways of preventing malicious insiders."

Gibson suggested that inspiring loyalty doesn't just make employees less likely to act maliciously; it also makes them more willing to report colleagues who may pose a threat.

Nevertheless, "once the horse has bolted", said Gibson, hard contractual limits always need to be in place.

Forcepoint's Smart agreed, saying that as a security expert he "loves focusing on culture" in organisations, and also flagged the need for user awareness.

"Get them to think before clicking a link or downloading a file," he said.

Gibson suggested "general hygiene" around IT as a good, standard approach to both policy and employee happiness.