By now, you’ve most likely heard the story of “Bob,” the software developer who paid a Chinese firm to do his job so he could surf Reddit and watch cat videos all day. The company discovered something fishy was going on when they noticed an active and unauthorized VPN connection from China. This discovery alarmed the organization’s security, and it was then discovered that Bob had been paying about a fifth of his six-figure salary to someone to do his job while he surfed the Internet all day.
Yes, this is a funny story, but how much did you cringe, thinking this could happen to your organization? How do you monitor your IT staff? What has worked (or not worked) for you?