Danger Within

Given all the issues that IT Security Professionals have to deal with from external attackers, they must also be ready for the internal issues. Though internal security issues may never be eliminated, this paper addresses some technologies and procedures that can minimize the potential damage they may cause. Utilizing Role Based Access Control, encryption and strong authentication can help ensure that no one person holds the keys to the kingdom and only those with the proper 'need-to-know' are accessing systems and data that they are authorized to see.