"The thing to do is to try to separate the duties out so that anything that happens would require collusion between more than one person to perpetuate fraud or do damage," says Pete Lindstrom, an analyst with . "The way you separate this is to have proactive steps and a logging or monitoring system that will record activity to other systems. It generates their tracks."

The challenge, Lindstrom says, is that IT insiders are often experts in their departments and they know how to work around such protections. "At this stage, it's a tricky game. A really clever attacker can do a lot to hide himself."

In addition to maintaining a separation of duties, it is important to really know who your company is hiring to take on critical IT tasks. "Certainly you should be doing background checks," Lindstrom says. "If you knowingly hire someone who has a history of hacking that's a risk you need to know about."

Companies should also work hard to limit the use of IT administrator accounts that are shared between several people, he says. "It's where you can run into problems," Lindstrom says. "You should try to minimize that. Try to convince administrators that they don't really want the responsibility of all this access because every cop knows that every crime is an inside job and if something happens, they'll be an early suspect."

Clearly delineating which IT staff members have specific privileges and responsibilities is crucial to preventing inside attacks, Lindstrom says.