MI5’s top tips for limiting threats from inside your organisation

The
UK’s intelligence service offers advice on limiting the risk of threats from
inside your organisation

1.
Establish the bona fides of potential employees. Ask the individual to provide
full name, date of birth and address with a supporting document such as a
passport or driving licence with photograph.

2.
Ask to see a recent utility bill(s) for the appropriate address.

3.
Accept only original documents – copies can conceal tampering.

4.
Request proof of academic or professional qualifications.

5.
Take up references from school, college, university and previous employers
(again, insist on originals), and check with the authors that they are genuine.

6.
Ask for details of unspent convictions, where allowed under the Rehabilitation
of Offenders Act, 1974. Individuals in England and Wales will soon be able to
obtain statements, known as ‘basic disclosures’, from the Criminal Records
Bureau (CRB) on payment of a small fee. In certain circumstances, for example,
where the post involves working with children or vulnerable adults, employers
who are registered with the CRB may seek details on a job applicant. Remember,
however, that a conviction – spent or unspent – need not be a bar to
employment.

7.
Where relevant, seek proof of right to work in the UK.

8.
Remind applicants that supplying false information, or failing to disclose
material information, may be grounds for dismissal.

9.
Make it easy for staff to discuss their concerns and problems confidentially
and informally, and to voice concerns they may have about others. Operate a
security awareness programme to remind managers and staff of potential threats,
both internal and external, and of their role in countering them.

10.
Operate a ‘need to know’ policy where possible, minimising access to
confidential locations, assets or information to only those staff who need it.

11.
Consider random searching on entry and exit of staff in particularly sensitive
areas, making allowance for the fact that this is intrusive and that staff need
to appreciate the reasons for it.

12.
Prevent staff from taking unnecessary items such as outdoor coats, large bags,
IT equipment or mobile phones into areas where there is sensitive information that
could be copied or stolen.

Comments are closed.