Identify and Stop Rogue Employees Before They Become a Security Threat There are three types of rogue employees: The Innovative, The Bad and The Lazy. Here's how you can identify and stop them in their tracks.

By Troy Moreland

entrepreneur daily

Opinions expressed by Entrepreneur contributors are their own.

Our age of seemingly limitless technological advancements are rapidly transforming every aspect of our lives, particularly what it means to go to work in the 21st century. But this has also led to the likelihood that employees are using tools outside the scope of what their employers allow (think: cloud-based computing, storage and file-sharing tools), unintentionally jeopardizing the security of their organization.

Companies often overlook these rogue employees, despite the fact that they pose just as serious a threat as employees with malicious intent -- and even more for many organizations. There are three types of rogue employees: The Innovative, The Bad and The Lazy. Here's how you can identify and stop them in their tracks:

The Innovative

They are creative, curious, ambitious, resourceful and efficient. They have a relentless drive to get the job done and even a healthy dose of rebelliousness. Unfortunately, their effectiveness and independence can prove to be seriously deleterious to organizational security.

Related: 3 Tips for Legally and Ethically Monitoring Employees

These ambitious employees will seek out workarounds to improve their performance, even if that means bending the rules. Curious workers and early-adopter types might be fascinated by the latest and greatest technology advancements and enjoy trying them out. Others might feel constrained by onerous rules -- rules that they resent for slowing them down, and rules they view as intended for those less capable and less trustworthy than themselves.

The rise of BYOD working environments, mobile apps and cloud-storage solutions further enables such behavior, adding convenience with each advance in capability.

The reason The Innovative rogues can present such a danger is precisely because they are great at their jobs. But the danger their ruthless efficiency presents to the security of an organization should not be underestimated.

The Bad

It's easy to picture this variety of rogue employee: hackers, thieves and spies. But it's not always so Hollywood. Disgruntled employees with access to highly secure information and enough of a grudge to exploit it, slighted workers who dramatically quit and steal proprietary information and terminated employees determined to exact revenge are The Bad employees to look out for.

Related: How to Create Security Awareness at Your Company

The most prevalent example of The Bad might be the Access Hoarder, who demands to be involved in as many processes and systems as possible, even ones far removed from his or her role. But as they accrue access to more and more systems, the risks they pose also add up.

It's not only about them having the ability to see, share and potentially alter or steal sensitive information. It's also about the long lists of log-ins and passwords they leave in their wake, which increases the likelihood of some accounts being underused or forgotten.

Rarely will you see a scary headline explicitly mention how an Access Hoarder almost brought down a company. The reality, though, is that even in high-profile breaches, when the bad guys do break through an organization's perimeter security controls (e.g., firewalls), their first priority is often commandeering an account — and it's exactly these types of over-privileged accounts that serve as prime targets.

The Lazy

For any organization, the leading cause of risk is laziness. These employees may not be concerned with following drafted protocols -- that is, if they even understand them or know they exist at all.

Perhaps they store their usernames and passwords on post-it notes, or use Dropbox instead of a sanctioned storage and file-sharing service, because it's all they know and they don't want to learn something new. All the while they have no idea that their insistence on circumventing corporate policies opens up their organization to serious risk.

Even scarier might be a systems administrator who turns out to be part of The Lazy rogues. Maybe they grant access to people in the organization they're friends with and trust, rather than taking the time to go through proper channels, documentation and authorization.

Education, training, constant monitoring, severe access restrictions -- these might help alleviate the problem, but they are in no way fool-proof solutions to the threat posed by rogue employees of any type.

The surest course of action to protect the data, privacy, and stature of your organization is to use identity and access management software to automatically grant access to resources only when an employee needs it. This eliminates the ability of employees to access information they shouldn't be able to see, stopping them from going rogue even by accident.

Related: 5 Cutting Edge Ways to Combat Employee Theft

Troy Moreland

Co-Founder and CTO of Identity Automation

Troy Moreland is the co-founder and CTO of Identity Automation. He has more than 20 years of experience, including leading efforts to select, design and deploy one of the first commercially successful identity management implementations in the U.S. Since founding Identity Automation, Moreland has designed and implemented identity management solutions for hundreds of organizations.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Related Topics

Starting a Business

This Retiree's Leisurely Side Hustle Makes $66,000 a Year and, 'You Don't Even Need to Go to High School to Do It'

Barbara Hill wanted a flexible, part-time job that would transition well into retirement. Now she mentors younger people who are making over $200,000 a year. Here's her insider's guide to getting started.

Business News

Who Owns The Rights to Your AI-Generated Content? Not, It's Not You. Uncover The Scary Truth That Puts AI Users At Risk.

The realization that copyright laws do not protect AI-generated material might come as a shock to many.

Business News

Apple Reportedly Told Dozens of Employees They Must Relocate or Be Terminated

An estimate 121 employees will be affected by the decision.

Business News

HP Wants You to 'Never Own A Printer Again,' Launches Rental Subscription

In February, HP's CEO Enrique Lores stated that making printing a subscription service was the company's "long-term objective."


The Miley Cyrus Approach To Marketing — Why It's a Radically Different Method For Achieving Brand Impact

In case you missed it, Miley Cyrus recently won her first Grammy. In her acceptance speech, she told a story that is a great learning lesson for business owners and marketers alike, especially those who find themselves burned out and exhausted in this current environment.

Business Ideas

How to Start a Travel Service

With diverse options like corporate travel, niche travel and franchising, there are a number of ways you can put your love of travel to work.