To read this content please select one of the options below:

Towards protecting organisations’ data by preventing data theft by malicious insiders

Abir Al-Harrasi (Department of Information Technology, Petroleum Development Oman, Muscat, Oman)
Abdul Khalique Shaikh (Department of Information Systems, Sultan Qaboos University, Muscat, Oman)
Ali Al-Badi (Gulf College, Maabelah, Oman)

International Journal of Organizational Analysis

ISSN: 1934-8835

Article publication date: 17 August 2021

Issue publication date: 10 April 2023

1046

Abstract

Purpose

One of the most important Information Security (IS) concerns nowadays is data theft or data leakage. To mitigate this type of risk, organisations use a solid infrastructure and deploy multiple layers of security protection technology and protocols such as firewalls, VPNs and IPsec VPN. However, these technologies do not guarantee data protection, and especially from insiders. Insider threat is a critical risk that can cause harm to the organisation through data theft. The main purpose of this study was to investigate and identify the threats related to data theft caused by insiders in organisations and explore the efforts made by them to control data leakage.

Design/methodology/approach

The study proposed a conceptual model to protect organisations’ data by preventing data theft by malicious insiders. The researchers conducted a comprehensive literature review to achieve the objectives of this study. The collection of the data for this study is based on earlier studies conducted by several researchers from January 2011 to December 2020. All the selected literature is from journal articles, conference articles and conference proceedings using various databases.

Findings

The study revealed three main findings: first, the main risks inherent in data theft are financial fraud, intellectual property theft, and sabotage of IT infrastructure. Second, there are still some organisations that are not considering data theft by insiders as being a severe risk that should be well controlled. Lastly, the main factors motivating the insiders to perform data leakage activities are financial gain, lack of fairness and justice in the workplace, the psychology or characteristics of the insiders, new technologies, lack of education and awareness and lack of management tools for understanding insider threats.

Originality/value

The study provides a holistic view of data theft by insiders, focusing on the problem from an organisational point of view. Organisations can therefore take into consideration our recommendations to reduce the risks of data leakage by their employees.

Keywords

Citation

Al-Harrasi, A., Shaikh, A.K. and Al-Badi, A. (2023), "Towards protecting organisations’ data by preventing data theft by malicious insiders", International Journal of Organizational Analysis, Vol. 31 No. 3, pp. 875-888. https://doi.org/10.1108/IJOA-01-2021-2598

Publisher

:

Emerald Publishing Limited

Copyright © 2020, Emerald Publishing Limited

Related articles