
IT administrators - devious and dangerous

You might want to think twice before laying off any IT administrators because it appears they can, and more importantly will, walk away with all your company secrets.

A survey from Cyber Ark has found that of 300 IT security professionals questioned, 88% would steal valuable and sensitive company information if laid off tomorrow.

Some would walk away with the CEO's password, others would take customer databases and, most worryingly, a third would nick the company's list of privileged passwords, giving them access to all the information on the network.

A third of the administrators questioned also admit to snooping around the network looking at confidential information like salary details and personal e-mails.

So, don't mess with your IT people: they've got the power and they're not afraid to use it.

 

Comments: (1)

A Finextra member 28 August, 2008, 23:40

Generally they're fabulous, very hard working and dedicated people, but occasionally you get a rogue, but only very occasionally.

Some are probably doing things their managing directors may not 'know' about, such as hacking competitors etc, and this can lead to serious issues for the companies and their financial industry clients. It can also lead very quickly to jail, that is, if the competitor chooses that course of action as redress.

Other less ethical victims may choose other courses of action.

Next time your bank suffers a serious attack consider that it may be as a result of a rogue in your (or your network provider's) staff going above and beyond their job description.

Insiders, especially systems administrators, must be properly controlled and measures put in place to prevent such staff from doing bad things if they are terminated. External audits need to be carried out to ensure such staff have not introduced back doors.

The situation such as Lloyds with the staff knowing customers' passwords is beyond belief. If they sack the worker, do they have to change every customer's password, along with all of the staff?

An ounce of prevention is better than a pound of cure.

There is at least one banking infrastructure provider in the UK with such rogue staff, either that or they're leaving their systems open for others to use it to launch attacks (even more dangerous).

The most dangerous are actually the corporate leaders who assume it'll be all right, because sometimes it won't and the repercussions could be serious for the organisation.

At the least a little look in the eye and ask the question could be in order, as I don't expect you'll gain much insight from a memo. If in doubt then sort it out.

 

Matt White

North America editor

Finextra

This post is from a series of posts in the group:

Information Security

The risks from Cyber crime - Hacking - Loss of Data Privacy - Identity Theft and other topical threats - can be greatly reduced by implementation of robust IT Security controls ...

