Employees

More and more businesses are demanding that staff undergo some sort of vetting as part of the recruitment process: Companies often spend huge sums of money protecting their assets against deliberate attack, technical failure or natural disasters, but overlook the greatest threat facing any system:

The Insider Threat

Employees who are likely to be handling sensitive information should be vetted as part of the recruitment processess. In the UK, there are three levels of CRB checks (Basic, Standard and Enhanced). There is also the National Vetting Certificate, which performs further checks.

Staff awareness of security should also always be promoted. Make sure that staff know what to do in case of an incident and that they are familar with the processes and procedures in place surrounding the handling of sensitive information.

Employers must also look after the health of their employees: Aside from the various legal requirements to do so, a happier workforce will be more productive, receptive to training and less likely to deliberately leak information.

Further Information

CPNI – Personnel Security measures - http://www.cpni.gov.uk/ProtectingYourAssets/personnelSecurity.aspx
Criminal Records Bureau - http://www.crb.homeoffice.gov.uk/