IT security is not just about policing an organisation's perimeter defences and monitoring traffic coming into the organisation's systems from outside, but also about keeping an eye on material leaving the network. A failure to put strong content security systems and policies in place, to prevent inappropriate email and internet use by employees and restrict the extent to which contaminated material or executables can circulate within a network, could lead to financial, or operational damage and public embarrassment.

Forensic investigations by Context have uncovered a wide range of illicit staff activity, made possible by a lack of content security controls at the desktop and within internal networks. At the less harmful end, this has involved staff viewing or downloading pornographic content from the internet. More serious incidents have involved employees selling client data to competitor organisations, leaking confidential material to the press, using company equipment to run their own businesses, and involvement in criminal activity.