Table of Contents
- What is a Security Officer?
- What are the Duties of a Security Officer?
- What is Physical Security of a Property?
- What is Citizen Arrest?
- What is a Trespasser?
- What Duty of care you own to anyone entering the Property?
- Why are Security Report Forms so important?
- What are Post Orders?
- Physical Security and Information Technology
- Environmental Hazards
1. What is a Security Officer?
A Security Guard or Security Officer is usually a privately-employed person who is paid (directly or through a security firm) to protect property and/or people. Usually security officers are uniformed and act to protect property by maintaining a high visibility presence to deter illegal and/or inappropriate actions, observing (either directly, through patrols, or by watching alarm systems or video cameras) for signs of crime, fire or disorder; then taking action and/or reporting any incidents to their client, employer and emergency services as appropriate.
Back to Top
2. What are the Duties of a Security Officer?
The security officer motto is to "detect, deter, observe and report." Security officers are not normally required to make arrests (but have the authority to make a citizens arrest). In contrast to the above mentioned motto, a Private Security Officer's actual primary duty is prevention of crime. Security personnel do enforce company rules and can act to protect lives and property. In fact, they frequently have a contractual obligation to provide these actions. Security Officers are often trained to take accurate notes and write effective reports, and perform other tasks as required by the property they are protecting.
One major economic justification for security personnel is that insurance companies (particularly fire insurance carriers) will give substantial rate discounts to sites which have a 24-hour presence; for a high risk or high value venue, the discount can often exceed the money being spent on its security program. This is because having security on site increases the odds that any fire will be noticed and reported to the local fire department before a total loss occurs. Also, the presence of security personnel (particularly in combination with effective security procedures) tends to diminish "shrinkage," theft, employee misconduct and safety rule violations, property damage, or even sabotage.
Security personnel may also perform access control at building entrances and vehicle gates by ensuring that employees and visitors display proper passes or identification before entering the facility. Security officers are often called upon to respond to minor emergencies (lost persons, jumpstarts, dead vehicle batteries, etc.) and to assist in serious emergencies by guiding emergency responders to the scene of the incident and documenting what happened on an incident report.
Back to Top
Physical security describes measures that prevent or deter attackers from accessing a facility, resource, or information stored on physical media. It can be as simple as a locked door.
The field of security engineering has identified three elements to physical security:
- Obstacles, to frustrate trivial attackers and delay serious ones;
- Alarms, security lighting, security guard patrols or closed-circuit television cameras.
-
Many times
physical security is compromised inadvertently by someone who had no malicious
intentions whatsoever. For example, a company’s custodial worker is vacuuming
the floor of the company server room. As the custodian vacuums under the
server table, he or she inadvertently snags the server power cord with the
vacuum and pulls it out of the wall. Without the proper physical security
safeguards or controls in place, this particular accident could cause the
server to shut down. This may seem like a benign incident, but due to the hard
shut down, could potentially cause sever malfunction when rebooted. This could
result in company down time and negatively impact production, all of which
could ultimately cost the company money.
Perimeter and barrier protection
a. Natural barriers: landscape and terrain
b. Fencing: type and construction
c. Walls and ceiling construction: high risk areas
d. Gate facilities: security checkpoints
e. Frequency of patrols and security checks
f. Door and window locations and security devices used
g. Reception areas: location and control of entry
h. Employee surveillance and vigilance
i. Parking areas: entrance/exit, access to facilityEffective security aspects of the following areas:
a. Barrier controls, fencing, building design, etc.
b. Lighting conditions for security illumination
c. Obstructions to security patrols and surveillance visibility
d. Exterior doors, access points, entrances, etc.
e. Exterior windows and other openings
f. Possible points of concealment and climbing aids
g. Trash collection areas and disposal of documents, papers, etc.
h. Alarm systems and related security devices
i. Personnel, visitors, and others: control of movement, etc.
Effective procedures with regard to:
a. Access controls
b. Opening and closing
c. Control of documents
d. Supervision/monitoring
e. Property control
f. Check-in and check-out
g. Control of contractors, vendors, repairmen, custodial services
h. Disposal/removal of records, papers, etc.
i. Key control and key usage
j. Locking and unlocking
k. Shipping/receiving controls
l. Storage of materials, etc.
m. Employee vigilance/surveillance
n. Security systems/devices
Back to Top
4. What is Citizen Arrest?
All states permit citizen arrests if a felony crime is witnessed by the citizen carrying out the arrest, or when a citizen is asked to help apprehend a suspect by the police. The application of state laws varies widely with respect to misdemeanor crimes, breaches of the peace, and felonies not witnessed by the arresting party. Note particularly that American citizens do not have the authorities or the legal protections of the police, and are liable before both the civil law and criminal law for any violation of the rights of another.
Citizen arrest is discouraged due to several legal liabilities issues and concern for personal safety during the citizen arrest process; The security officer could be accused of False Arrest, False Imprisonment, Assault and Battery, or Intentional Infliction of Emotional Distress.
Back to Top
5. What is a Trespasser?
The tort of trespass to land requires an intentional physical invasion of the plaintiff's real property by the defendant.
Intent required
The intent need not be to commit a trespass, but merely to go to a specific geographic place - if a person walking in a public park errantly leaves the park and enters private property, they are liable for trespass, even though they did not know that they had entered private land. However, a person who ends up on land where they did not intend to go is not liable for trespass. For example, a person walking in a public park who trips and rolls down a hill will not be liable for trespass just because the bottom of the hill is on private land.
Physical invasion
The trespasser need not enter the land in person. Throwing any physical object onto the land of another - a rock, a clod of dirt, a bucket of water - is a trespass. Indeed, if Joey and Rachel are standing next to Monica's land, and Joey pushes Rachel onto the land without entering it himself, it is Joey (and not Rachel, who did not intend to enter that space) who is liable for the trespass to Monica's land. There must be some physical entry, however. Causing noise, light, odors, or smoke to enter the land of another is not a trespass, but is instead a different tort, nuisance.
For purposes of determining liability, the landowner's property rights extend above and below the land to as much distance as the landowner can beneficially use. Even a low-flying plane can trespass if it enters this usable space.
Constructive trespass
A constructive trespass occurs when a person who has permission to be on the land overstays their welcome. A person who stays in a business after its closing time, or who goes to a dinner party but refuses to leave long after the other guests have gone home, is a trespasser despite his initially proper presence. Furthermore, a guest's status as a trespasser arises as soon as he resists the property owner's command for him to leave the property.
Duties to trespassers
With respect to the duties owed to trespassers, there are two types of trespassers to consider. First, there is the undiscovered trespasser, to whom the property owner owes no duties whatsoever. Second, there is the anticipated or discovered trespasser. To those parties, the landowner owes a duty of common humanity - a duty to warn them of deadly conditions on the land which would be hidden to them, but of which the property owner is aware. A warning sign at the entrance to the land will suffice for this purpose. However, a property owner is under no duty to ascertain hazards on his own property, and cannot be held liable for failing to discover a deadly hazard which injures a trespasser.
Furthermore, a trespasser who is injured while on the defendant's property can not sue under a theory of strict liability, even if the landowner was engaged in ultra-hazardous activities, such as the keeping of wild animals, or the use of explosives. Instead, the trespasser must prove that the property owner was negligent.
A property owner may use reasonable (non-deadly) force to prevent a person from trespassing on their land, or to expel a trespasser.
Back to Top
6. What Duties of Care you own to anyone entering the property?
There three categories of people entering the property and you owe each category a special duty of care.
1. Trespassers - This issue was addressed in previous question.
2. Licenses - A licensee is a term used in the law of torts to describe a person who is on the property of another, despite the fact that the property is not open to the general public, because the owner of the property has allowed the licensee to enter. The status of a visitor as a licensee (as opposed to a trespasser or an invitee) defines the legal rights of the visitor if they are injured due to the negligence of the property owner.
Where licensees are present, activities conducted on the land by or at the behest of the owner of the land must be conducted with the care that a prudent person would show. A duty to warn arises if there is a harmful condition on the land that is hidden from the licensee, so long as the landowner knows of this condition. The licensee falls between the anticipated or discovered trespasser and the invitee on the sliding scale of tort liability assessed to landowners. Whereas the trespasser needs to be protected from known conditions capable of causing death or serious injury, the licensee must be warned of all known dangers. However, unlike an invitee, a licensee has no standing to sue for dangerous conditions unknown to the property owner.
3. Invitees - An invitee is a term used in the law of torts to describe a person who is invited to land by the possessor of the land as a member of the public, or one who's invited to the land for the purpose of business dealings with the possessor of the land. The status of a visitor as an invitee (as opposed to a trespasser or a licensee) defines the legal rights of the visitor if they are injured due to the negligence of the property owner.
The property owner has a duty to make the property safe for the invitee, which includes conducting a reasonable inspection of the premises to uncover hidden dangers. The property owner also has a duty to warn the invitee of hazardous conditions that can not be fixed. Furthermore, property owners assume a duty to rescue an invitee who falls into peril while visiting the property. If an independent contractor hired by the landowner injures an invitee (intentionally or through negligence), the owner can be held vicariously liable. This represents the broadest duty of care owed to any class of visitors to the property.
It should be noted that a property owner who selectively limits entry to the property - to paying customers, to a set number of people, or even in a discriminatory fashion - is nonetheless opening the property to invitees, so long as the property owner holds the property open to some segment of the general public
A. Duty of care - In tort law, a duty of care is a legal obligation imposed on an individual requiring that they exercise a reasonable standard of care while performing any acts that could foreseeable (foreseeable = ability to predict) harm to others. For an action in negligence, there must be an identified duty of care in law.
Duty of care may be considered a formalisation of the implicit responsibilities held by an individual towards another individual within society. It is not a requirement that a duty of care be defined by law, but it will often evolve through the jurisprudence of common law.
Individuals who are considered to be professionals within society are often held to a higher standard of care than those who are not. Engineers and doctors will be held to reasonable standards for members of their profession, rather than those of the general public in cases related to their fields.
Breach of duty of care, if resulting in an injury, may subject an individual to liability in tort. Duty of care is an important prerequisite in the tort of negligence, as the duty of care must exist and must have been breached for the tort to occur.
B. Standard of Care - In tort law, the standard of care is the degree of prudence and caution required of an individual who is under a duty of care. A breach of the standard is necessary for a successful action in negligence. The requirements of the standard are closely dependent on circumstances. Whether the standard of care has been breached is determined by the trier of fact, and is usually phrased in terms of the reasonable person. It was described as whether the individual "proceed[ed] with such reasonable caution as a prudent man would have exercised under such circumstances". In certain industries and professions, the standard of care is determined by the standard that would be exercised by the reasonably prudent manufacturer of a product, or the reasonably prudent professional in that line of work.
A special standard of care also applies to children, who are held to the behavior that is reasonable for a child of similar age, experience, and intelligence.
Back to Top
7. Why are the Security Report Forms so important?
Drive-through security patrols serve a limited, but useful purpose. By definition, the drive-through patrol service does not remain on-site and generally uses a vehicle to make the rounds. This type of patrol is less expensive then a dedicated on-site security guard because of the limited time spent on the property. Highly visible, drive-through security services are ideal for the patrol of commercial properties after business hours or on private property not open to the public.
One purpose of this type of patrol is to observe (or test) all accessible gates, doors, and windows and make sure they are secured, and to report the conditions found on the property to the business owner or the police. Another purpose is to make sure no unauthorized persons are trespassing on private property. Some drive-through security services may also respond to alarm signals, but this requires a more specialized guard force. The primary goal of a drive-through security patrol service is to deter property loss and discover vandalism after business hours. This presence is normally supported by signage that states the property will be patrolled by "ABC Security Service."
Drive-through security patrols are not good at catching criminals in the act. By design, drive-through security patrols should be highly visible and therefore should be incapable is sneaking up on a perpetrator. The best patrol vehicles are high profile, and distinctive in appearance. The most visible security vehicles are well-marked and equipped with a light-bar on the roof and high-powered spotlights. This high visibility maximizes the deterrent effect as long as the security officer is patrolling competently and according to post orders.
Random drive-through security patrols are less effective on commercial properties while open to the public. This is because the drive-through security officer probably has 6-10 other commercial accounts to patrol each hour. Random and infrequent patrol does not allow the security officer enough time to observe loiterers or differentiate between the customers, the residents, and the criminals. Many drive-through patrols consist of only a high-speed pass and offer little in the way of observation or scrutiny of suspicious activity. Because of the nature of the drive-through patrol, customer contacts are infrequent and suspicious groups are not likely to be confronted. Drive-through is better than not doing anything, but understand the limitations of infrequent and non-confrontation security services. Due to fear from prior litigation claims, signs supporting the random drive-through security patrol are not always used on retail and rental housing settings for fear of misrepresenting to a consumer that security guards are always on-site.
Reporting
It is the custom and practice of all contract security patrol industry to complete daily activity reports (DARs) and incident reports for each site they patrol. Despite this practice, it is important to require written DAR and incident reports as part of the contract for service. This is usually one of the items specified in the post orders. As a rule of thumb, if you don’t receive a written report, assume the patrol did not occur and don’t pay for the service until you receive one. This practice will ensure that reports are written and submitted in a timely manner.
Detailed daily activity and incident reports are crucial to a property owner. It is a form of supervision and holds the security service accountable for patrolling the property as agreed. In addition to communicating what was observed in the parking lot, the reports provide important documentation in case of a lawsuit alleging inadequate security.
Daily activity reports are designed to report routine things like when and where the security officer was on your property and what they observed. DARs should be detailed and informative. Each entry should list the date, time, location, and activity. Don’t accept activity logs that merely state, "10:00 PM or 11:00 PM – All Quiet". A proper daily activity report of an apartment property might state, "9/29/99 -10:06 PM – Completed patrol of the south parking lot, one light burned out over parking space #256 or "9/29/99 - 10:14 PM – Checked the mail room, pool gate, laundry room, and restroom door locks. All were secure." These reports notify the landlord to repair burned out lights or to resolve hazardous conditions. Daily activity reports should document the patrol of all roadways on a property even if no unusual activity is observed.
Incident reports are only written when something unusual happens that requires a more detailed account. Incident reports are not limited to crime. Incident reports should notify the client of an unlocked door, a large group loitering, a flooded parking lot, safety hazards, and of course all crimes or property damage. All contacts with persons on a client’s property should be reported as well. Incident reports should be more detailed than DARs because they chronicle one specific event. Incident reports that say "see police report" are not acceptable. Incident reports should note everything the security officer observed, what they did, and what they were doing at the time of the incident. They must contain the basics of reporting like who, what, where, when, why, and how.
Post Orders
Any contract security services must have clearly defined and articulated "post orders". Post orders are written instructions for how the security officer is to patrol a site and should be incorporated as part of the contract. These written instructions need to be detailed and reflect the expectations of the property manager and the responsibility of the security patrol service. Post orders are necessary for drive-through accounts because the same security officer will not always patrol the site and each property will have specific requirements. Written post orders allow for consistency in patrol and reporting and set forth the obligations for fulfilling the service contract. Post instructions should specify if drive-through security officers are to get out of their vehicle to "shake" doors or walk behind buildings. If you don't require it...it won't occur. Well-written post order acts like a checklist for the security officer while on-site and helps them fill out their daily activity reports and logs.
Physical Security and Information Technology
Whether it’s a small business or a large business, Information Security must be a
key area of concern and focus. Information Security can make or break any
business from a financial or competitive perspective. When considering and
researching Information Security, there are different rings of security to consider.
One of the most important or first ring of security to consider is physical security.
One of the least technical methods of information security exploitation is the
breaching of the physical security ring. Exploiting the physical security of any
company requires minimal, if any, technical knowledge on the part of the intruder.
Many times physical security is compromised inadvertently by someone who had
no malicious intentions whatsoever. For example, a company’scustodial worker
is vacuuming the floor of the company server room. As the custodian vacuums
under the server table, he or she inadvertently snags the server power cord with
the vacuum and pulls it out of the wall. Without the proper physical security
safeguards or controls in place, this particular accident could cause the server to
shut down. This may seem like a benign incident, but due to the hard shut down,
could potentially cause sever malfunction when rebooted. This could result in company down time and negatively impact production, all of which could
ultimately cost the company money.
Just as there are rings of security in Information Technology, there are also rings
within physical security. They are:
Ring 1 - Areas on the
perimeter of the business building
Ring 2 - Immediate
area around the business building/environmental
Ring 3 - Internal
location of the business building
Ring 4 - Human factor
It is critical each of these four rings are thoroughly researched, addressed and
implemented when incorporating an Information Security model in any business.
Each one of these rings will be discussed and addressed in the upcoming
sections of this manuscript.
Physically securing computer hardware should be any company’s first step in
securing their IT business. Without first implementing physical security, all other
security measures may be meaningless. Thousands of dollars can be spent on
implementing the most current IT security technologies on company severs, but if
they are not physically secured, this may prove to be a costly lesson. Virtually
anyone has access to those servers and can perform malicious or unintentional
damage to them. An example of this would be a company spending thousands
of dollars to secure their servers by installing firewalls, encryption and virus
software. However, there was very little thought in the implementation of
securing the physical access to those servers, which reside in an unrestricted
area. Since there is no security for entering the server room, anyone could easily
access the servers, which permits them the luxury of working to exploit the
security controls installed on the servers and obtain critical information. This
could also result in the physical theft of the servers. One of the most effective
security steps this company could have taken was to first prevent an attack on
the servers by implementing physical security controls for access to them.
Implementing a robust physical security model is critical for all businesses to help
ensure computer integrity and availability. It is the first step in ensuring computer
hardware protection against malicious and even inadvertent activities which can
cost the company money, time and a competitive edge. Physical security and its
four rings should not be forgotten.
Back to Top
10. Physical Security and Environmental Factors
Implementing a physical security model in must include the consideration of
environmental factors and implementing environmental security controls.
Environmental factors represent the third ring of physical security. When
surveyed, more than seventy percent of risk managers believe environmental
hazards pose the greatest security threat to a company’s earnings(1) “Tech Talk:
Some of these environmental hazards include; fire, floods, moisture, electricity
and temperature; all of which can have a profound negative affect on IT
computer components and equipment. The survey also showed companies are
much more prepared for environmental interruptions than they were one year
ago, due largely in part by the painful reminder of the 9/11 terror attacks.
A key issue in the consideration of environmental protection is the availability and
continuity of computer systems. Computer systems require redundancy in power
availability. If the electrical power to the computer systems’ building goes down,
a backup device needs to be ready to take over and keep those systems
powered up. This can be accomplished with two types of devices, a UPS
(Uninteruptable Power Supply) or a power generator. Power generators can be
used for maintaining overall electricity in the company building for such things as
lighting and general power, but can also be utilized for maintaining computer
power in the untimely event of a power outage.
The UPS is used primarily for the supplying of electricity to the company
computer boxes or servers. If a company server loses power, and there is no
backup in place, the server will shut down resulting in loss of use and loss of
productivity. However, with a UPS, if the electricity to the server is lost, the UPS
will take over. The UPS battery source will provide the needed electricity.
Although the supply of electricity is limited, it generally provides enough time to
keep the server running until the electricity is restored. Some UPS units will
sound an alarm to alert the IT administrator, to safely shut down the computer
box and avoid a hard shut down. Another function of the UPS is to intercept
power spikes and prevent a spike form reaching computer equipment. Power
spikes can be dangerous to computer equipment and result in costly damage.
Fire hazards are another area of protection needing to be planned for by all
companies. Risks from these hazards can be addressed by investing in smoke
alarms, heat sensors, fire extinguishers and sprinkler systems. These devices
may go a long way in preventing any substantial damage to computer systems
and most of them are relatively inexpensive. It is also important to ensure staff
members are trained in the use of these devices. Regular inspections of these
devices should also be conducted to ensure optimal operation. These
inspections should be completed at least twice per year by a certified
professional or the fire department. Smoke alarms should be installed inside the
computer room and directly outside the computer room. These fire alarms
should consist of both manual and automatic operation. There may be times
when a person detects a fire long before an automatic smoke alarm, therefore,
the manual alarm can be engaged and further fire damage may be prevented.
Heat sensors should also be installed inside the computer room and directly
outside the computer room to warn of any significant rise in temperature. These
devices are easy to install and will emit an audible or visible alarm.
Every computer room should have at least one fire extinguisher. The fire
extinguisher can be used once a fire breakout has been detected. There are two
types of fire extinguishers to consider; the traditional, dry chemical extinguisher
or the halon gas extinguisher. The dry chemical extinguisher may cause further
damage from the chemical material it dispenses. The chemical material the
extinguisher contains should depend on the type of fire; for instance wood fires,
solvent fires, and electrical fires.
Class A –wood, paper, cloth rubber and some plastic material
Class B - liquids, gasses and grease
Class C –electrical sources
Class D –magnesium and sodiumThe halon gas extinguisher dispenses a gas which deprives the fire of oxygen to
extinguish the fire. This may result in less damage to your computer systems.
However, the use of halon does present some environmental concerns, whereby
it may be a factor in the depletion of the ozone layer.
Sprinkler systems known as wet-pipe and dry pipe can also be installed. The
wet-pipe is a sprinkler system with all the piping filled with water under pressure.
The dry-pipe is a sprinkler system with the piping filled with air pressure. When a
sprinkler head opens, air is released and water flows into the pipes and to any
open sprinkler head. The dry-pipe is utilized to prevent potential freezing of the
pipes and causing further damage.
Water damage is another environmental hazard to consider when physically
securing your computer systems. Water damage can occur from leaky or broken
water pipes, flooding and even internal sprinkler systems. In order to help
prevent or mitigate water damage, water detectors may be installed on the floor
or under a raised floor near the computer equipment. Additionally, water-proof
covers should be made readily available in the event of a water hazard incident.
Temperature regulation is also critical to preventing environmental losses. In
order to prevent computer damage due to temperature fluctuations, it is important
to store all computer equipment in a dedicated computer room. The computer
room should be set to the appropriate temperature and humidity level to ensure
optimal and continuing operation of the computer equipment. The computer
room temperature should be set to sixty to seventy five degrees Fahrenheit. The
humidity level should be at twenty to seventy percent and monitored regularly.
One of best preventative measures any company can implement is a Company
Contingency Plan. The contingency plan should include all the scenarios just
described here and the necessary steps to be taken to get the company back
into a recovery and production mode. The plan should be completed by a
committee of representatives from many areas such as Human Resources,
Administrative Services and IT. Obviously, smaller companies or businesses
may not require such a diverse committee, but nonetheless should implement a
contingency plan to fit their needs. The contingency plans should include such
items as:
Server backup and recovery
Data backup and recovery
Network backup and recovery
Employee backupObviously, this is not an all-inclusive list. These are examples of some of the key
items needing to be addressed and planned for.
Physical Security and Human Factors
One key ingredient of any recipe for computer exploitation is the human factor.
This has forced companies to take a more hard lined approach to the word
trust. Aside from this statistic, companies must also plan for the other 20% of
exploits from occurring, which include an external or unauthorized user.
One of the easiest and most common ways to prevent unauthorized access to
any company is to incorporate perimeter security. This can be accomplished by
utilizing security personnel, surveillance cameras and fences. Any one of these
methods can be very effective at preventing an unauthorized user from entering
the premises. These same security methods can also be used for the immediate
area around the building. One other method which will work well for both of
these scenarios is employee training or awareness. Ensure employees are
properly trained in the area of security awareness. This will help them to identify
and report any suspicious acts on or around the premises. Utilizing all three of
these methods will also work well for securing the internal location of the
business building. Other methods for securing the internal location of the
building include the use of more modern technologies such as, door locks
requiring access code entry, motion detectors, magnetic card swipes, biological
recognition (such as fingerprints, voice or retinal scans), or a combination of two
or more of these technologies. Many of these also track the access activity of
the individual or create an activity log. It is important to note, the biological or
biometric security technologies take security a step further in ensuring authorized
access. This is due to the unique recognition of physical credentials all humans
possess.
But, let’s not forget, the overall level of security is only as strong as its weakest
link. Installing more sophisticated methods of authorization may not be enough.
We must also think about other ways unauthorized users can acquire access
such as, windows, air ducts and social engineering. This may sound far fetched
and more work than it is worth, but it is nonetheless something to be considered
in the overall physical security model. These are possible entry ways into any
company which may not require authorization, detection or prevention.
Depending on the size, complexity and available funds for any business, not all
of these methods are practical, but should at least be researched. This is not a
one size fits all concept; businesses will have to implement what is appropriate
for them and suits their needs.
Now, what about the eighty percent we talked about earlier? What about the
physical protection of accesses from internal, authorized users? Many times,
internal attacks are accidental. These attacks can be prevented by incorporating
many of the environmental precautions we talked about previously such as,
installing a UPS, ensuring fire extinguishers are available and functional,
ensuring heat sensors, smoke alarms and sprinkling systems are installed and
employees are educated. Accidents happen all the time and many times they
are caused by human error. These devices will help greatly in mitigating that risk.
Then there is the intentional attack by authorized users. This is the most difficult
to prevent and happens more in larger companies. If an individual was trusted
with certain access rights, the company is trusting they will not compromise the
access they have been granted. But, sometimes it just doesn’t work that way.
The best thing a company can do to prevent this from happening is educate other
employees so malicious attacks are identified and reported. Another
preventative measure is to incorporate any of the logging or tracking
mechanisms we discussed. This would include surveillance cameras, security
personnel or biometric devices. Although neither of these methods may be able
to prevent an internal malicious attack, they do make it possible to react to one
which may help recover from it or prevent it in from reoccurring in the future.