The Postal Service is asking employees to remain vigilant for insider security threats that could compromise the organization’s operations.
Insider security threats refer to employees, contractors or business partners who fall into two categories: accidental insiders and malicious insiders.
Accidental insiders unintentionally violate security policies or online best practices by:
- Not physically securing laptop computers to their workstation
- Leaving sensitive information unattended on their desk
- Not locking their computer screen when away from their workstation
- Allowing individuals who don’t display verified identification to enter a postal facility
Malicious insiders purposely access or steal sensitive data by:
- Engaging in unauthorized, off-hours work
- Misusing company equipment
- Repeatedly violating rules
- Excessively copying or downloading sensitive materials
Malicious insiders are sometimes disgruntled employees who might exhibit sudden changes in personality or wealth and engage in online harassment and bullying.
If an employee demonstrates signs of being an accidental insider threat, notify a manager.
If you suspect an employee of being a malicious insider threat, notify a manager and send an email explaining the situation to the Postal Service’s confidential reporting mailbox at email@example.com.
The CyberSafe at USPS Blue and LiteBlue pages have additional information.