A recent study sponsored by Risk Control Strategies, a threat management and risk assessment firm, found that an overwhelming majority of 223 security and human resources executives who manage between 500 and 900 employees said workplace violence is a bigger problem now than it was two years ago. As a result, 23% said employees have intentionally and maliciously downloaded viruses over the past 12 months. The study found that hitting employees in the pocketbook is prompting the burgeoning retaliation.88% of outsourcers cited employee backlash as their primary concern. Viruses used as a weapon against senior management is a problem that can't be solved solely through technological means. For IT security managers, internal investigations will require a whole new set of workplace violence-prevention skills and unprecedented coordination with HR executives. Below is a good guideline to help combat this problem.
Employ Creative Background Checks - It may seem like an obvious step to take, but you would be surprised at the number of companies that overlook this or don't dig deep enough into a potential employee's background before they are hired. Look for key sings. A willful destruction of property is among the numerous types of criminal offenses that surface. Behavior such as this sometimes goes undetected because they tend to languish in the courts. To be extra safe, ongoing screenings should be done even on current employees. Background checks aren't just for pre-employment anymore.
Pinpoint Potential Perpetrators - Workplace violence is almost never spontaneous and, therefore, is foreseeable and preventable. Historical research shows that there are a number of consistent characteristics associated with a perpetrator: predominantly males, between 25 and 40, who don't handle stress well and are manipulative, chronic complainers, among many other traits. However, since a large number of people who pose no threat at all could meet some of these criteria, they should be used in context with other factors such as "red flags" of detection.
Be Ready To React To Red Flags - In addition to fitting a certain profile, violators display warning signs that reveal their propensity for violence, which can include leveling verbal threats, exploding in physical or verbal outbursts, eroding the employee/supervisor relationship, harboring grudges or brandishing weapons to gain attention. Violent acts are often preceded by off-hand remarks to friends and co-workers revealing intentions. Many times, employees haven't been trained on what to look for, the individual isn't taken seriously, or there is no mechanism in place to capture this information and funnel it to the appropriate individuals. Not only should this information be shared with HR, but in turn, with IT security. Approximately 86% of past workplace violence incidents were visibly apparent to co-workers and had been brought to management's attention prior to an incident. Unfortunately, more than 75% of these incidents continued to develop as a result of management's inaction or inappropriate actions.
Like never before, IT managers must monitor their employees to identify the potential enemy within before an act of sabotage is committed. If there is no monitoring, devastating financial damage to the company's network and brand could result. Coordination with HR will be a critical component to ensure that potential problem individuals surface quickly and that mitigation techniques are rapidly employed. I don't know about you, but I have someone who works for me now who fits this profile too well. He has to bitch at everything I ask him to do. I hope he doesn't go postal on me one day.
No comments:
Post a Comment