Preventing Insider Threats in your Business - First Utah Bank | Personal Banking | Business Banking | Treasury Management | Loans

Business Credit Card

Merchant Services

Hub Access


Preventing Insider Threats in your Business

While most business are focused on external threats from hackers and sophisticated phishing schemes, insider threats are often just as great, and sometimes less noticeable. Keeping your business safe means protecting yourself from all threats, including those insider threats within your own office.


What is an insider threat?

Insider threats can include any security threat from within the organization or company. Insider threats can originate from current or former employees, Board members or any vendors or agents who have access to your building, your systems or your information.

These insider threats are often  more difficult to spot, but you can prevent these types of attacks with some key prevention measures.

  • Identify and report any and all suspicious behavior from employees, vendors or contractors, or anyone else that is inside your building. If you notice anything that looks suspicious, report it immediately to a supervisor.
    • Some examples of suspicious behavior can include:
      • A disgruntled or angry employee that would have reason to retaliate against the company
      • An employee working outside business hours when he or she has not been given direction to do so
      • People carrying unauthorized devices inside the workplace
      • A contractor or other agent who is in areas of your building they have no business being in
  • Keep all desks clear of confidential information, especially at the end of the day when after-hours personnel, such as a cleaning crew, will have access to the office.
    • If employees work with confidential information, make sure they have access to a lockable file cabinet or storage to keep that information secure when not in use.
  • Make sure computers have lock screens, and they are set to automatically lock out after a short period of inactivity. Those working with sensitive information should manually lock their computer by logging out or putting their system to sleep if they are going to be away from their machine.
    • This habit will help prevent those passing by your computer or office from seeing sensitive information on your computer when you are not at your desk
  • Be aware of your surroundings if you do not work in a private office
    • Make sure other employees or persons are not hovering around your desk or spying on your computer from over your shoulder. Keep a watch on other desks as well to spot any suspicious loitering. These individuals may be trying to view confidential information, or attempting to steal passwords.

While outside security threats often get the most attention, insider threats from those within the organization or building can do just as much damage. Insider threats also often go undetected. By training your employees to spot and report suspicious activity, you can minimize these insider threats.