Data security: The Federal Reserve fears internal malicious deeds
- Considering WikiLeaks' disclosures, the Federal Reserve is trying to improve its employees' behaviour. Better training would undoubtedly promote a decrease in data leaks. All federal departments and agencies that handle confidential data must now identify any dissatisfied or untrustworthy employees.
- In the beginning of January, a 14-pages document was sent to the different agencies to help them assess their ability to manage internal threats as well as a large range of other security issues. A first memo, drafted by the OMB (Office of Management and Budget) in November 2010, required that the agencies have their security level assessed by 28 January 2011.
- Any staff member who does not show his commitment or display enough motivation might be followed more closely and only benefit from limited access rights; the security of confidential information is also to be reinforced.
- Internal malicious actions remain one of the main sources of information leaks (e.g. Renault). Though some believe that 80% of bank fraud is caused by internal mischievous deeds, we do not dispose of many accurate figures. However, considering this phenomenon, some things are certain. All risks of human “errors” cannot easily be avoided (they induce both intentional and accidental breaches). Nevertheless, assessing those risks and the complexity of implementing counter-measures are the most difficult tasks. One must then take into account the gravity of the risk, the increase in the information system’s complexity, the weight of counter-measures and how employees will perceive the company's distrust.