As a security team, your focuses are on role-based access, segregation of duties, and making sure the right people have the right access to the right things at the right time. But what about the employees within other functions? Are there employees who are putting you at an uncommon risk? Here is a look into those employees and how you can mitigate their risk.

1. 4 Employees Putting Your Business
At Risk

2. 2
Who, Me?
As a security team, your
focuses are on role-based
access, segregation of duties,
and making sure the right
people have the right access to
the right things at the right time.
But what about the employees
within other functions? Are
there employees who are
putting you at an uncommon
risk?
Here is a look into those
employees and how you can
mitigate their risk.

3. 3
The Contemporary Creative
Who they are:
• Driven to get the job done
in the most creative and
innovative way possible
• Seeks ways to work
around or bend rules to
get the job done
• Curious about the latest
and greatest technology

4. 4
The Contemporary Creative
How to mitigate their risk:
These innovators may be
great at their jobs but they
also need to be reigned into
your security parameters and
need to understand what can
and cannot be connected to
the network.
How they can hurt you:
By bending the rules and
using unapproved new
technology, they are
opening up your network to
breaches.
The rise of BYOD and
cloud computing has
increased their digital
footprint and your risk.

5. 5
The Intern
Who they are:
• Interns can be seasonal
or a yearly addition to
your team
• In order to be credible,
they need access to
certain applications
• They may need access
to high-level information
based on what they or
their bosses are working
on

6. 6
The Intern
How they can hurt you:
Without proper training,
they will not understand the
risks they pose to the
system.
As a temporary member of
the staff, their termination
may be overlooked and
their access may not be cut
off.
How to mitigate their risk:
All interns should be
trained to enforce the
importance of being
security-minded and
knowing the risks they
pose to the system. Once
their term is over, make
sure their access is cut off
as you would with any
other termination.

7. 7
The Bad Apple
Who they are:
• Not quite corporate
espionage but
employees who are
disgruntled and have
access to highly
sensitive information
with any chance of
exploiting it
• Look for who is taking
information to see if they
really need it

8. 8
The Bad Apple
How to mitigate their risk:
You need the ability to see
when critical information is
being downloaded by these
employees outside of their
role. Look for accounts with
privileged access,
especially above their role,
and keep an eye on all
activities.
How they can hurt you:
Disgruntled employees
often take proprietary
information and hoard it
before leaving
They can either take this
information with them to a
competitor or simply
release it breaching your
security protocol

9. 9
The Apathetic
Who they are:
• Team members who are
too lazy to learn the
security policy or to
learn new systems in
order to help keep
themselves and their
organizations safe

10. 10
The Apathetic
How they can hurt you:
By using easy passwords,
not keeping them secure,
and not changing them
often enough
By being an apathetic
approver who grants
access without asking
questions
How to mitigate their risk:
Intensively train these
employees on all security
protocols and make sure
they understand the
importance of being a
security minded culture.
Put in place automatic
password updates, security
updates and news, and
mandatory training
programs

11. 11
What’s next?
Are any of these employee categories part of your
organization?
Are you prepared for the risks they bring?
Do you know what risks are currently in your system?
Let Courion help.
With a Quick Scan of your systems, we can show you
where your critical risks lie and how to secure them.
Request a Quick Scan >>