Blacklist of 'risky' bank staff
Major US Banks are looking at a new defence against insider fraud: a database of employees who are known to have compromised security.
Banks and similar organisations already run reference and background checks on new employees but an extra security measure is needed, according to Bits, a consortium of 100 of the largest US financial institutions. The new database, announced last week, will list information on employees at financial institutions who were fired because they compromised customer data or knowingly caused financial losses, the group said.
Apparently there have been several cases of people being fired from one job and immediately walking into another and getting hired. Reports of insiders attacking financial services systems are on the increase. In a 2004 Deloitte survey of IT security in the industry, 35 per cent of companies said they had come under an attack from an internal source. That's up from 14 per cent in 2003. However, most experts believe these numbers massively underestimate the true figures.
That trend has been reflected in high-profile security breaches at banks. In one example in April, police in Hackensack , New Jersey , arrested nine individuals who were allegedly involved in selling the personal information of just under 700,000 people. Eight of the suspects were bank employees, and Bank of America and Wachovia were among the big companies that had to notify customers that their account information had been stolen.
According to Bits, the database is currently under development and should be ready by mid-2006.
It is unlikely that we will see a similar initiative in the UK , or indeed Europe, because the various UK and European Data Protection Acts would require the fired employee to consent to being placed on the register. Not something the average sacked employee is likely to agree to!
Discuss This Article |
