True story (or so I'm told): With Web mail accounts strictly prohibited by corporate policy and the ban enforced by filtering
software, the potential customer assured technicians from Reconnex there would be no need to check for this particular security threat as part of the vendor's free 48-hour e-Risk Rapid Assessment.
No harm in checking anyway, the techs assured their prospect.
And, of course, they did find Web mail, the first of which bragged: "Hey, I finally figured out a way to get around this ban
on Web mail."
Author Dan Verton, a former Computerworld reporter, has collected buckets full of such tales - many of them far more serious, some downright criminal - in his new
book entitled The Insider: A True Story. While every IT professional already knows that security threats from within are often more dangerous than those kept at bay
by firewalls, the book shines a spotlight directly on the depth and breadth of the problem.
There are examples and anecdotes aplenty plucked from today's headlines and recent history - who knew that the cosmetics industry
was so cutthroat? But the book's most telling tales are gleaned from the first 50 of those risk assessments conducted by Reconnex,
a start-up headed by veteran entrepreneur Don Massaro.
"This is real live information taken from large companies and agencies, and in some cases where the person who's doing the
criminal activity has not been caught," says Verton, whose previous books include Black Ice: The Invisible Threat of Cyber-Terrorism. "This is what's really happening behind the firewalls."
A pretty picture it isn't, either for the IT executives learning the unvarnished truth or the wayward employees caught red-handed
abusing company networks and ignoring policies.
"On many of these occasions somebody - or multiple people - ended up getting fired as a result of the data that was found,"
Verton says.
"One of the cases really stands out in my mind. It was a major government agency that was just completely drowning in pornography
and gambling sites and all kinds of inappropriate content. They thought they had tools that were blocking access to this stuff.
They found so much hate and racist content and pornographic content that the people who were in the room from the agency when
they got their briefing basically had to get up and leave - it was that bad."