top of page

REDSTOR - Five employees who threaten your business

Generally, when a business considers its cyber security risks, they are looking at threats from the outside of their business trying to find a way in.

But what about the potential threats that sit inside your business, already have access to your systems and networks and have their very own passwords to access all areas? The very people you employ could be as much of a risk to your cyber security as the stereotypical hooded cyber attacker who you have never met.

That doesn’t mean your business is full of Machiavellian wannabe cyber criminals waiting for their chance to strike, but that some of your employees present an unintentional risk or in some cases a deliberate risk to your cyber security and in turn your businesses finances and reputation.

Redstor, who are a National Member of the Cyber Resilience Centre Network, are experts in data management and they have identified five categories of employees who pose a threat to your business:

The hasty techie

When patches or software upgrades are introduced, they can cause more issues than they fix. The hasty techie is the person who goes ahead with these updates without testing all the changes and potential impacts before they are released onto the live environment.

Solution: Make use of data management services that allow administrators to create isolated test and development environments from backups.

By making these available over the network for software version testing, analytics and patch tests, you can avoid bad software from being deployed in the first place.

The vengeful wrongdoer

Your employees already have access to your systems and networks and therefore if they decide to act in vengeance, they can cause a significant amount of damage. Staff with broad security privileges can cause havoc by deleting large volumes of data or even deliberately introducing corrupting software

Solution: Minimise the potential negative impact of employees by limiting their access to only the data they need to do their jobs.

Choose a data management provider that has processes in place to avoid the immediate deletion of data and the capability to allow you to recover data quickly. You should also be looking for two-factor authentication to help protect and streamline user access. Ideally the encryption key should be set by you, so you can block unauthorised access.

The unwitting victim

Malware attacks are among the biggest causes of lost business productivity - and it’s important to remember that ALL employees are potential ransomware targets. To minimise the risks of someone clicking on a link that opens your business up to attack, you will need to educate and train employees, so they know how to identify and avoid infections.

Solution: It’s almost impossible to provide 100% effective defence against a determined ransomware attack. The best way to guarantee recovery from an issue such as ransomware is by having robust, automated, isolated, offsite data protection in place.

It's critical that your backups are not permanently on the same network as your live data. If you use the cloud, ensure that your chosen service encrypts data before it leaves your devices - and that it remains encrypted at all times, in transit and in storage.

Make sure you own the encryption key and aren't required to share it at any time. That way any malware entering your network won't be able to execute on the cloud platform. It also means that only your organisation can decrypt your data.

The data hoarder

Keeping data can be expensive, especially if employees literally save every item of data, email, file, doc or PowerPoint presentation that passes their way - just in case they ever need it again. Investment in additional hardware for storage is typically capital expenditure and can cause significant budgetary pressures. Storing data in the cloud is an attractive proposition but it’s important that any solution addresses the ever-growing need for data security and 24/7/365 data access.

Solution: Extend the life of your expensive hardware assets and delay purchasing more primary storage to cope with data growth by offloading redundant, obsolete or trivial data to the cloud when it meets specified criteria.

When choosing a fully automated, centrally managed archiving process that minimises management overheads, you should also ensure that you eliminate any delays in access to archived data.

The technology now exists to access archived data files instantly on demand from the cloud - and if the user experience remains unchanged so much the better because there will be no need for end-user training.

The overstretched worker

Who hasn’t inadvertently lost or deleted an important file? But someone could also delete an important file intentionally. Recovering lost files can be among the most common and time-consuming tasks to plague an IT department. Whether data is onsite, in the cloud or stored in a hybrid environment, you need to gain immediate access to critical data. Quickly addressing these requests enables IT to focus on more business-driven objectives.

Solution: Make downtime a thing of the past. You should be able to restore data quickly and easily to its original location or a new location of choice - as often as required, at no additional charge. There should be no need to wait for all your data to be restored before users can start accessing the files they need. The technology exists to get you up and running without waiting for a full recovery, so employees are working again within seconds, not days.

Each employee category identified by Redstor, poses different threats for different reasons. By getting to know the traits of each category, you can start to identify who in your business might fall into one of the categories and may therefore be a threat to your cyber security.

As with any risk management process, once you have identified your business risks and where they are coming from, you can put mitigations in place to minimise their potential to cause harm and consider some of the solutions Redstor have identified.

Maybe it is time to revisit your risk register and business resilience plane with this information in mind?

Redstor is available worldwide through a network of resellers.

For further information please visit:


The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the West Midlands is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the West Midlands provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.


The Cyber Resilience Centre for the West Midlands does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the West Midlands is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page