Employee outsourcing his job a security risk

Employee outsourcing his role a security risk

Verizon released information about an employee who outsourced his job to China. He was a software developer for a US critical infrastructure company, who used Verizon as its security team.

A security audit conducted by Verizon revealed an unauthorised VPN connection from China, that was using the employee’s credentials. The company naturally assumed the connection was some sort of unknown malware that was able route traffic from a trusted internal connection to China, and then back.

A basic investigation of the downloaded files found hundreds of .pdf invoices from a third party contractor, in China who took less than one fifth of the employee’s six-figure salary for a Chinese firm to do his job for him. He instead surfed the net and used social media.

Investigators also had the opportunity to read through his performance reviews while working alongside HR which noted him as the best developer in the building for quite a period of time.

Here are some tips for ensuring your employees are doing their job and not placing your company at risk:

1. Conduct regular meetings

Businesses should conduct a performance reviews more regularly than once a year– maybe even once a month.

Do not focus these discussions just on performance, but instead  use them to catch up and get a general feeling for how things are going. These types of meetings help to see if there are any problems with the workload. It’s a good way to keep on top of what people are doing.

2. Ask the other employees

Seeking feedback from other employees can help. A manager isn’t always going to get the best perspective on whether someone is working to their best potential  if an employee only reports to their manager. It is handy to get the perspective of other workers.

3. Keep them passionate

Bosses say, they pay the employees to do the work, but it helps if they actually like what they’re doing. Check up on job requirements regularly, and give employees task that they enjoy. The staff should have work that is motivating.

4. The last resort – electronic monitoring

Electronic monitoring such as cameras and on-screen recording requires careful adherence with specific laws. Employees who know they’re being watched tend to do the right thing