At CORAS, we’re committed to architecting and securing our environments from external threats. Firewalls, MFA, and other security tools and approaches are used to protect the data we’re charged with guarding.
Protecting information from external threats is important, but equally important is being aware of challenges coming from within CORAS. These risks are known as insider threats, as they come from people within CORAS.
These threats can include employees, as well as contractors or business associates. Anyone who has inside information concerning our security practices, data and computer systems could present a threat that may involve fraud, the theft of confidential or commercially valuable information, the theft of intellectual property, or the sabotage of computer systems. In addition to commercial threats, anyone with access to company information, government information, systems or facilities can also use his or her authorized access, wittingly or unwittingly, to do harm to the security of the United States.
This threat is why CORAS requires regular training on what to look out for when it comes to an insider threat. In case you’ve forgotten, here are some warning signs that could indicate that employees are spying and/or stealing secrets from us:
- They work odd hours without authorization.
- Without need or authorization, they take proprietary or other information home in hard copy form and/or on thumb drives, computer disks, or e-mail.
- They unnecessarily copy material, especially if it’s proprietary or classified.
- They disregard company policies about installing personal software or hardware, accessing restricted websites, conducting unauthorized searches, or downloading confidential material.
- They take short trips to foreign countries for unexplained reasons.
- They engage in suspicious personal contacts with competitors, business partners, or other unauthorized individuals.
- They buy things they can’t afford.
- They are overwhelmed by life crises or career disappointments.
- They are concerned about being investigated, leaving traps to detect searches of their home or office or looking for listening devices or cameras.
Do any of these warning signs remind you of someone working with or within CORAS? Let us know! If you suspect someone may be committing economic espionage, report it to our corporate security officer. For instructions on step to follow, please see the Insider Threat Reporting Process document, loaded into the CORAS Teams site. You will need to authenticate to open the file using your Office 365 credentials.
Remember: government created or owned information must be safeguarded from unauthorized disclosure. They are trusting CORAS to protect this information and we are trusting you!