Abstract:
hreats resulting from authorized users, specifically insiders, pose as one of the most
challenging security issues that many rganizaiooons face today. Insiders often attack using
authorized access and with actions very similar to non-malicious behavior. Insider threat poses
a great risk to organizations due to the mere fact that they have privileges and authentic access
to confidential data. Safeguarding information protect organization’s confidential data and
other sensitive information that might compromise its operations and competitiveness. Insider
attacks comprise of deliberate and unintentional access to an organization’s system, network,or data and intentionally exceeded or misused that access in a manner that negatively affects
the confidentiality of the organization's information or information systems. Insiders attacks
take many forms including worms, viruses, Trojan horse, detection or alteration of data,
sabotage, espionage, fraud, theft of necessary data or destroy of data, financial loss or
reputation damage. The insider threats usually compromise the Confidentiality, Integrity and
Availability of data in an organization. However, this research emphasizes specifically on data
confidentiality because confidential information may be misused to commit illegal activities in
case it fall into the wrong hands. In addition, the disclosure of sensitive information can lead
to loss of confidence and loyalty. Information is extremely valuable and central to performance
of the organization therefore, breaching confidentiality may result in loss of productivity and
destroy the business. The study proposes development of a security a tool that addresses data
confidentiality by monitoring domain users’ activities. The tool will monitor activities such
copying, modification or deleting confidential data.