The Threat You Already Hired
- Marketing Online
- Jun 25
- 3 min read

Why most data loss in Thai companies doesn't come from hackers — it comes from the people you trust.
When a Thai company finally invests in security, the money almost always goes to the perimeter — a new firewall, antivirus on every machine, a padlock on the front door. That instinct isn't wrong, but it's aimed at the wrong threat. The most expensive data losses we see don't come from a stranger breaking in. They come from someone who was handed a key on their first day.
The hacker is not your biggest risk
It's a comfortable story: a faceless attacker, somewhere far away, defeated by better technology. It lets us treat security as something we can buy and install. But look at how data actually leaves an organisation. A departing employee copies the customer list to a USB drive. A contractor with remote access to your ERP downloads more than the job requires. A finance staffer emails a sensitive spreadsheet to a personal account "to finish at home." None of these people are hackers. All of them already passed your firewall — because you let them in.
Two doors, both unlocked
Data leaves through two very different paths, and most companies guard neither. The first is the cloud: email, OneDrive, SharePoint, Teams — where a single careless share can expose a folder to the open internet. The second is the endpoint: the laptop itself, where files move to USB sticks, get printed, get pasted into a chat. Your firewall sees none of this. It's watching the road while the data walks out the side door.
This isn't about distrust — it's about governance
Here's the part that makes leaders uncomfortable: the people with the most access are often the least watched. Your IT administrators can reach every system, every file, every log — including the logs that are supposed to record what they did. That's not an accusation. It's a structural gap. Good governance doesn't assume bad intent; it removes the opportunity for a problem to go unseen, and it protects honest staff by making the record clear.
The question isn't whether you trust your people. It's whether you could prove what happened if something went wrong.
Why this matters more for a 20–100 person company
Large enterprises have whole teams watching this. A 20-to-100-person company in Thailand usually has one or two IT people doing everything — and they are the same people who would need to be overseen. Add PDPA obligations, customer data you're contractually required to protect, and the very real risk of a key employee leaving for a competitor with your files, and the exposure is not smaller than an enterprise's. It's just less watched.
Where to start
You don't fix this by buying another tool and pointing it at your staff. You start by understanding where your sensitive data lives, who can reach it, and whether you'd have evidence if it walked out the door. Over the next six weeks, this series walks through exactly that — from the privileged-access blind spot, to doing employee monitoring legally under PDPA, to what a low-risk proof-of-concept actually looks like.
Key takeaways
Most data loss comes from trusted insiders, not external hackers.
Data escapes through two unguarded doors: cloud services and endpoints.
Your most-privileged users — including IT — are often the least monitored.
A 20–100 person Thai company's exposure is as large as an enterprise's, just less watched.
Good monitoring is about governance and evidence — not distrust.
Could you prove how your data walks out the door?
This is Part 1 of our 7-part DLP Awareness series. If you'd like the short self-check we use with clients to surface insider-risk gaps, start with a brief conversation — no sales pitch, just clarity.


