A Model for a Distributed Security Framework

Year
2014
Author(s)
Gayla Balatsky - Los Alamos National Laboratory
Carolynn P. Scherer - Los Alamos National Laboratory
Abstract
The issue of the insider threat has received substantial attention due to its necessity for security, and a reported majority of illicit trafficking cases stemming from insiders' actions. Beyond security concerns, malfeasant actions typically damage the employer's profitability and reputation. Compounding these problems, the complexities of the employer - employee relationship can hinder attempts to adequately address this threat. It is imperative for organizations to strike a balance between vigilant oversight and support of their employees. Recent changes toward a more mobile labor force elevate this threat and reduce the effectiveness of traditional solutions. Simultaneously, technological advancements empower employees to perform more actions without direct supervision and oversight, the traditional tools for mi tigating and countering insider threats. We propose the concept of a ‘distributed security framework’ in addressing insider threats within organizations, given the concerns expressed previously. Our findings necessitate a new discussion on balancing the pr evention mechanisms and mitigating deleterious insider actions against the broader employee freedoms necessitated by the modern work environment. Discussions of additional solutions will include training and mentoring.