Temporary Employee Risks: Which Systems Are Nonpermanent Workers Accessing?
By Sue Poremba
Temporary workers are brought on board to fill specific job duties for a variety of reasons, whether it’s to meet a seasonal rush, replace a regular employee on extended leave or help on a specific project. These nonpermanent workers often need the same access to the corporate network as permanent employees. However, a new study has found that there are temporary employee risks associated with unmonitored network access.
The Invisible Employee
It’s expected that more than 750,000 temporary employees will be on corporate payrolls during the last months of 2015, particularly in the retail industry. Yet, according to eSecurity Planet, a new Osterman Research survey shows 37 percent of companies admit they have no way to identify the network systems or data these temporary employees may be accessing. Further, more than 25 percent say they can’t track what temporary employees might be sending or saving during their tenure.
The source points out that while there is tight control on permanent worker access, temporary employee access isn’t held to the same standard. One of the main problems is that many companies use shared credentials to provide network access. The survey found that 61 percent of companies do not give retail floor workers unique login credentials for corporate systems.
Temporary Employee Risks
When hiring temporary workers, businesses are often more concerned with having enough people on staff to meet customer demand. Unfortunately, security isn’t a high priority in these instances. In many cases, temporary employees aren’t being trained for anything beyond the basics when it comes to network use. That means there are too many opportunities for a seasonal worker to accidentally log in to an unauthorized database or for a rogue worker to purposely gather sensitive information. When multiple employees use the same login credentials, it is extremely difficult to discern who the culprit is and opens the door for insider theft.
The solution to monitoring temporary employee access to the corporate network may be third-party monitoring through a managed service provider (MSP). MSPs can tailor their offerings to help companies figure out the best way to control who has access to specific areas of the network. They should also ensure each employee — both permanent and temporary — has strong and unique login credentials, especially on shared devices.
Eliminating temporary employee risks, especially when it comes to security, means eliminating anonymity. MSPs should help their clients ensure every worker who has access to the network has an individual “fingerprint” to leave behind. This way, businesses can not only monitor current employees, but also ensure former workers no longer have access to the network. This will instantly improve the company’s security stature and position MSPs as a go-to partner for gray areas of security.
Hear the many advantages offered by IBM’s security intelligence solution. CLICK HERE
Article was originally posted here