How can we stop insider theft?

Features
By Rory Bathgate
published

Identity management could be the first line of defense against insider theft, and AI has a role to play

The words 'How can we stop insider theft?' with 'insider theft' highlighted in yellow and the other words in white, against a lightly blurred photo of a USB resting on a Mac keyboard
(Image credit: Future)

As businesses increase their digital estate, insider theft poses an increasingly large risk. Whether it’s through malicious parties gaining access to crucial systems and data or employees stealing information to which they should never have had access, firms should be considering these scenarios carefully.

This has been exacerbated by the economic climate, with layoffs and a greater reliance on third-party individuals leading to a lack of oversight and cohesion when it comes to access management. Stolen credentials or over-provisioned contractors can be the first crack in the armor for any business.

In this episode, Rory speaks to Fran Rosch, CEO of digital identity specialist ForgeRock, about the pressing need for better scrutiny of third parties and how companies can control systems access through identity governance. 

Highlights

“By leveraging technology, you can really limit your exposure, because you really understand who has access to what and you're limiting the privilege to information unless it's absolutely needed for people to do their jobs.”

“When we think of this accidental user-driven compromise, a lot of it comes down to good old-fashioned phishing, or spear phishing… where users get an email, they think it's from their colleague or they think it's from IT.”

“What we believe, ultimately, is that through open standards and policies there have to be several different… credential issuers or identity providers (IDPs). And as long as they follow open standards, then companies can go ahead and rely on them.”

Read the full transcript here.

Footnotes

Subscribe

Rory Bathgate
Rory Bathgate
Features and Multimedia Editor

Rory Bathgate is Features and Multimedia Editor at ITPro, overseeing all in-depth content and case studies. He can also be found co-hosting the ITPro Podcast with Jane McCallion, swapping a keyboard for a microphone to discuss the latest learnings with thought leaders from across the tech sector.

In his free time, Rory enjoys photography, video editing, and good science fiction. After graduating from the University of Kent with a BA in English and American Literature, Rory undertook an MA in Eighteenth-Century Studies at King’s College London. He joined ITPro in 2022 as a graduate, following four years in student journalism. You can contact Rory at rory.bathgate@futurenet.com or on LinkedIn.