Senior management isn’t immune to corporate leaks and insider threats. Goldman Sachs was fined another $36 million this month after allowing one of its newer employees from 2014 to leak documents to his senior manager. Rohit Bansal was hired in 2014 to oversee a Goldman Sachs client. Bansal happened to be a former Fed. After working 7 years with the New York Fed, Bansal joined Goldman Sachs and was immediately assigned one of their midsized banking customers.
Because Bansal worked for the New York Fed, he had access to private data from his former colleague. The colleague passed information to Bansal who then passed it to his senior manager, Joseph Jiampietro. Regulations state that it would then be Jiampietro’s responsibility to report Bansal, but instead Jiampietro continued to quietly accept the private documentations and insider knowledge.
This new discovery has led to another fine on Goldman Sachs and the Feds coming down on Jiampietro as well as other senior managers. The insider compliance risk also threatens to have Jiampietro fined and possibly jailed for failing to report the incident. This opens the doors for several investigations in which Goldman Sachs and the US government have been sharing information. The problem has even initiated the term “Government Sachs” to indicate that both have close ties.
This case is a very high-level example of insider threats that could have been avoided should proper monitoring software be installed on the network. Documents stored on the network can be analyzed for common access and then this analysis used to determine any inconsistencies in file access. The right monitoring system can alert IT or any other high-level administrators and managers of any non-standard file access.
The Goldman Sachs issue is one such case that shows the impact on an organization should employees stop adhering to standards and requirements with corporate documents and inside the intellectual property. The monetary damages to the organization — especially financial firms — continues to grow, and the number of incidents continues to increase as more organizations store sensitive data on networks where authorized employees have access to any number of private documents.
Not only does monitoring software help the organization recognize these threats, but it can also stop them before they turn into critical threats that can turn into several months of document leaks to the public or even your competitors.