insider

A user (usually a person) that accesses a system from a position that is inside the system's security perimeter. (Compare: authorized user, outsider, unauthorized user.)

Tutorial: An insider has been assigned a role that has more privileges to access system resources than do some other types of users, or can access those resources without being constrained by some access controls that are applied to outside users. For example, a salesclerk is an insider who has access to the cash register, but a store customer is an outsider.

The actions performed by an insider in accessing the system may be either authorized or unauthorized; i.e., an insider may act either as an authorized user or as an unauthorized user.

A person with authorized physical access to the system. Example: In this sense, an office janitor is an insider, but a burglar or casual visitor is not. [NRC98]

A person with an organizational status that causes the system or members of the organization to view access requests as being authorized. Example: In this sense, a purchasing agent is an insider but a vendor is not. [NRC98]