Chapter 11. Suspicious Activity—A Consulting Company in Spain

 

“Observe your enemies, for they first find out your faults.”

 
 --Antisthenes

A large consulting company with offices in Spain found that some of its sensitive information was leaking out to competitors, and they were losing business. They had an open policy for Internet use and didn’t want to punish employees by imposing restricted access upon them because of a few possible malicious insiders. Since one of their requirements was to reduce the negative impact on employees, but still catch the insiders, they decided to implement the following strategy.

They used their ESM to monitor activity by having it look for suspicious events. Those users who created these suspicious events were added ...

Get Enemy at the Water Cooler now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.