Employee Monitoring: Advanced Legal Considerations – Part 2
In Part 1, we explored the various legal considerations related to the collection and use of information derived from User Activity Monitoring (UAM) solutions. While the former is broader in scope than the latter, each require clear policies and procedures to maintain the proper balance between privacy and security. In Part 2, we’ll explore the various incentives or justifications for implementing UAM tools and solutions and close with a brief overview of the evidentiary value of UAM collected data.
U.S. to Warn That China Is Attempting to Steal Coronavirus Vaccine Research
China is actively seeking “valuable intellectual property and public health data through illicit means related to vaccines, treatments and testing,” a draft of the warning by the FBI and Homeland Security Department reads. The Trump administration will draw attention to the role of “nontraditional actors,” namely students and researchers employed by the Chinese government to steal data on vaccine development.
COVID-19 is raising the risk of insider bank jobs
No financial institution is exempt from the occasional ‘malicious insider’, who, acting alone or with outside help, can do more damage than virtually any outside fraudster. In addition to knowing where a bank’s most vital and sensitive information is stored, a maladjusted employee has the inside track to a bank’s weak spots. Hence, it’s not surprising that attacks from inside bad actors are the most costly and take the longest time to resolve. “An attack by any trusted party, whether an employee, contractor, or trusted vendor has the potential to be devastating,” says Keith Monson, chief risk officer for Computer Services Inc., a Paducah, Ky.-based banking vendor. “If the right controls aren’t in place, these attacks can go on for a considerable amount of time, sometimes only being detected when the insider makes a mistake or gets too greedy.”
Twitter employees can work from home forever, CEO says
Twitter will allow employees to work from home for as long as they want. Twitter CEO Jack Dorsey told his employees Tuesday that many of them will be allowed to work from home in perpetuity, even after the coronavirus pandemic ends, according to a company spokesperson. “Opening offices will be our decision,” the spokesperson said. “When and if our employees come back, will be theirs.”
TSA Releases 2020 Insider Threat Roadmap
This Insider Threat Roadmap provides a vision to guide TSA and the transportation community in mitigating insider threat. The Roadmap builds on the expertise, leadership, and relationships TSA has developed to streamline processes, identify requirements and capabilities, and leverage partnerships to proactively mitigate risks of the insider threat. It builds on and supports DHS Directive 262-05-002, “Information Sharing and Safeguarding: Insider Threat Program,” issued on October 1, 2019, which establishes requirements and standards, and assigns responsibilities for DHS agencies to implement an insider threat detection and prevention program.
Foreign Influence: Protecting Intellectual Property Related to Coronavirus Vaccine Research
In the midst of a global pandemic, international scientific collaboration has perhaps never been more important. However, the U.S. government’s efforts to prevent and investigate undue foreign influence in federally-funded research remain active with “80 percent of all economic espionage prosecutions brought by the DOJ involving China.” The DOJ also reports that there is “at least some nexus to China in around 60 percent of all trade secret theft cases.”
The Spy Who Handed America’s Nuclear Secrets to the Soviets
The physicist Klaus Fuchs (1911-88) is well known as the atomic spy who gave details of everything he worked on at the Manhattan Project to the Soviet Union. In this enthralling and riveting account, Nancy Thorndike Greenspan, the author of a biography of the physicist Max Born, has brought together new material that rounds out Fuchs’s life, from his college days in Weimar Germany to his move to Communist East Germany in June 1959 following his release from prison in Britain. He had served nine years of a 30-year sentence for espionage.
Compliance as a Way to Reduce the Risk of Insider Threats
Several key resources and controls can help reduce overall risk by providing guidance on proper control implementation, preventative measures to deploy, and an emphasis on organizationwide training. Insider threats have continued to be a major factor in data breaches over the last year. On top of this elusive threat, business environments are growing more complex and data is becoming a more lucrative target. Bring-your-own-device (BYOD) polices and remote working have presented challenges that extend far beyond the traditional environment seen just a few years ago. However, everything isn’t all doom and gloom, and there are several steps to consider that enable organizations to begin mitigating this risk factor.
Preparing for Internal Investigations to Mitigate Risk
The stakes in internal investigations can turn out to be very high. Companies can often respond effectively if they proactively plan for investigations and leverage technology that can comb through large amounts of data quickly at low cost.