As a business, it can be hard enough protecting yourself against the outside threat of hacking and fraud. But how can you prevent trusted employees taking advantage of weaknesses in an IT infrastructure?
James Stevenson, a Sainsbury’s IT employee, was recently sentenced to 20 months in prison for Nectar point fraud. Worth over £81k, Stevenson created a series of fake accounts, accruing points and subsequently acquiring over £8k worth of goods. He told prosecutors that he had "discovered a loophole in the system".
Like most people in most businesses, Stevenson was a well-regarded employee. And with no one feeling like they needed to watch over his shoulder, he capitalised on a weakness in what is probably an otherwise robust system.
The activity was almost unpreventable. With that in mind, it’s best to make sure your insurance policy covers cyber perils such as hacking, viruses, privacy and data breaches. If you do have a policy covering this, also take care to ensure that it covers fraudulant insider activity as a good technology PI policy should contain employee dishonesty cover, or broad enough cover that will respond to liability claims that may follow. No matter how well you guard yourself against an outside attack, well-trained employees are occasionally tempted when they find a fault in your system.