Workers in key risk areas must be supervised closely, according to King. Managers should be alert to what employees are doing -- if they're working evenings and weekends, what are they at work for? It should also be a high priority for organisations to have security policies and guidelines in place, clearly updated and distributed. King advises organisations to establish and communicate a code of ethics. "If you don't, how can you give someone a whack for doing the wrong thing?" he said. Confidentiality and ethical behaviour contracts that clearly inform people that if they're found to have acted unethically, termination may result, should become common practice in the workplace, he said. "You need to be upfront with people," he said. "Tell them what the consequences are if they breach the code of conduct...it all boils down to the employee buying into your business activity." Police checks
With a police career spanning 24 years, King is a clear advocate of organisations checking up on potential employees' backgrounds. Careful consideration of recruitment, he said, must be at the forefront of every employer's mind. While no one is going to tell you that they've been ripped off AU$200,000 by someone who is now applying to work within your organisation, "You need to do some investigation, put your copper's hat on," King said. Potential employers should inform applicants that they'll be subject to successful police clearance and if a threat is uncovered within the organisation "don't simply handball it on", he said, or the insider hacker will spread "like a human virus" around organisations, ripping off everyone. Workplace culture
According to King, half of all employees that defraud companies have no remorse or guilt about their actions. Corporate crime is often regarded as a victimless crime and often occurs after resentment has built-up, or workers have been provoked by not feeling part of the team or having been overlooked for promotion, for example. Therefore, it is important for business mangers to know what their organisation is like to work in, and should be asking themselves the following questions:
- What is the workplace culture and climate like?
- Are employees working 14-hour days, six days a week?
- Is that appreciated? Expected?
- Does the current workplace culture hinder or support security management?
For all security-related news, including updates on the latest viruses, hacking exploits and patches, check out ZDNet UK's Viruses and Hacking News Section.
Have your say instantly, and see what others have said. Go to the Security forum.
Let the editors know what you think in the Mailroom.
