Beware of Intruders, But Also Extruders

Your friends may be close, but your enemies might be even closer. This is the central thrust of a recent story appearing on the ComputerWorld Web site about "extruders" -- in-house thieves or negligent employees that steal or accidentally leak an organization's sensitive data. The opinion-piece entitled: "Extrusion: The Story of 'Trusted' Digital Insider Theft" by Danny Lieberman of OSI-Open Solutions Israel, explains how through carelessness or ill-will employees or outsourced contractors, people may be transmitting valuable data about your organization to the outside world.

"[Extruders] may be the software development group that was axed or the sales representative who skims credit card transactions," writes the author. "What about human error? One extra click in Outlook, and a casual friend is on the distribution list together with the board members in the middle of due diligence."

The story offers a series of fascinating real-life examples of how a wide range of organizations have suffered extrusion mishaps. The author also calls upon the development community to build tools that not only address external threats, but inside ones as well. The story is the first in a three part series by the author that will appear on the ComputerWorld site in the coming weeks.

To read this, the first installment, visit: http://www.computerworld.com/securitytopics/security/story/0,10801,90952,00.html.