In the world of computing, giving 100% trust is deadly. In our corporate world, we put in place information technology controls and defenses in order to secure our corporate data from misuse, damage and intrusions from the outside. We install firewall on our servers that secure our information systems and databases. We employe various levels of authentication. We have authentications through usernames and passwords at the systems, network and database level. We have encryption algorithm and more you name it.
However, people run these systems. And in order to save on costs, most of the time corporations, especially small and medium sized ones put too much accountabilities and responsibilities on a single person to save on cost. Such a setup however, results to weak internal control and putting incompatible functions at the hands of a single individual.
This is where the risk lies. At some point in our lives, people encounter a point where they have great financial problems. They sometimes utilize the trust given them to profit from it. And when their financial problem is over, they can't let go of the easy money that they began to be accustomed to.
In the world of digital computing, risk lies in the security of data. We must always secure our data, because data that they may seem so innocent to us, may actually be a source of profit for other entities. And other entities that have an interest in your data, may bribe your trusted people to hand them even just a portion of such data.
It is therefore necessary to regulary rotate your IT people and always have a succession planning in place in your organization to prepare for an event where you have to replace them. You also have to be careful in the hiring of your IT people since their position is so sensitive as compared to other units in the organization.
Remember, you have to employ some level of trust but not 100% trust.