Skip to content

Are Your Employees Putting Your Company At Risk?

Are Your Employees Putting Your Organisation at Risk?

By Jacques van Wyk
JGL Forensic Services

They say that people are an organisation’s greatest asset. That, although salaries usually account for any company’s biggest expense, good employees don’t actually represent a cost, but rather a intelligent investment that ultimately offers a great return.

And it’s true that employees who perform well undoubtedly help your company perform well too. Your staff are at the heart of what makes your business tick, and multiple studies show that when employees feel valued and recognised, they are more engaged and productive. Productivity equals profits, so everybody wins.

Except when they don’t.

What happens when your employees, instead of contributing to your organisation’s success, are actually putting it at risk? It could be entirely unintentional – such as inadvertently opening a phishing email, or innocently accessing an unsecured website. Or it could be a deliberate and calculated act – submitting a fraudulent CV or copying sensitive and confidential information with the intention of selling it to a competitor, or taking it with them to a new job.

If you think about it, do you actually know what your employees are up to every minute of every day? Of course not. It’s impossible. In most companies, there are a hundred opportunities every day for staff to jeopardise the data and intellectual security of your business. Whether this is happening intentionally or not, being aware of the potential risks makes it easier for you to safeguard against them.

The Most Common Risks Your Company Faces From Employees

Open Wifi Connections

Perhaps one of the most dangerous practices in which your employees can engage is accessing an open wifi connection using the same computer or device they use for work. Many companies these days encourage their employees to bring their own device to work. It’s also common practice for businesses to have at least some of their workforce working remotely all, or part of, the time. There is thus a very real danger that, if they use their device in a coffee shop, hotel, restaurant or anywhere else where there is an open wifi connection, it can really put your business’ cybersecurity at risk. Savvy intruders can gain access to login user names and passwords and confidential company information – without your employee or you being any the wiser.

Until, of course, it’s too late.

If your employees have no choice but to use open wifi connections, it’s vital they do so using a VPN that can protect not only their own personal data, but also any sensitive company information they may have on their device.

Phishing

Phishing emails are another common danger for all companies – simply because most employees in most businesses send emails back and forth on an almost continuous basis every day. Popular phishing scams include emails sent by cyber criminals to an employee that look as though they’ve come from another employee. These emails usually include some kind of attachment that, when opened, could unleash all kinds of malware in your computer that then enables the cyber criminal to steal data, spy on confidential communication, and monitor any activity carried out on the device.

The only way to really prevent this kind of risk is to educate employees as to the very real risks. Raising awareness about the importance of cybersecurity is key, as is teaching them to be aware of the pitfalls – especially when dealing with emails and apps on smartphones.

CV Fraud

The above two examples illustrate ways in which employees might inadvertently put the companies they work for at risk. Lying on your CV, on the other hand, is an intentional act of fraud, and one which can jeopardise an organisation in several ways. Companies could, for example, suffer irreparable damage to their reputations, lose business or even face legal challenges as the result of hiring someone with a fradulent CV.

Of course, the risk isn’t only to the business. In the UK, Rhiannon McKay was given a six month prison sentence for forging a recommendation letter and falsely claiming to have two A-levels. More recently, Jon Andrews was sentenced to two years in prison for falsifying qualifications.

In South Africa, too, employees who fabricate CV qualifications could soon face jail time once the National Qualifications Amendment Bill is signed into law later this year.

Social Media Activities

It’s a fact that between 70 and 90% of employers check potential employees’ social media accounts prior to hiring them. But it’s not only before you get the job that you need to be on your best behaviour online. Almost half of all employers admit to checking their current employees’ online activities too. There is good reason for this. Unsavoury posts that can be traced back to your company – even if you weren’t aware of them – can cause untold damage to your organisation’s reputation. Particular areas to watch out for include posts supporting anything illegal or immoral, as well as those condoning gun violence, celebrating excessive alcohol consumption or justifying racism or any other form of discrimination. Remember that, as an employee, you are an ambassador for the company you work for – online, offline, in the office and out of it.

So what can we learn from all this?

Most employees are interested only in doing a good job, earning money and progressing as far as they can within a company. Any risk they do end up posing to their employer is entirely unintentional. Others, however, seize opportunities to deliberately and intentionally defraud their employers for their own gain.

If you’re an employee, be vigilant when hiring new staff – check qualifications and references thoroughly. Educate employees on the potential risks of their online activities – to your organisation and themselves.

The Internet makes it easier than ever to commit fraud and endanger your organisation in a thousand different ways. You owe it to yourself and your company to stay one step ahead.

JGL Forensic Services is a multidisciplinary team of experienced forensic accounting and investigation professionals. We strongly believe in the rule of law and the scientific method as it applies to forensic accounting and investigation. Talk to us in confidence, and let’s work together to prevent corporate corruption and fraud.

Tags: