Today more than 300 million people are working remotely — creating, accessing, sharing, and storing data wherever they go — and data breaches arising from insider threats and simple mishaps can cost businesses an average of $7.5 million annually. Ultimately it doesn’t matter if a breach is intentional or accidental. Insider risk programs should be part of every company’s security strategy. To be successful, organizations should lead with their employees as partners in the effort and supplement their program with advanced tools that detect and mitigate insider risks wherever they arise. The author offers four lessons he’s learned as Microsoft’s chief information security officer.