When employees leave your company, by being fired or otherwise, are they taking files (paper and digital) with them, that should not be taken?
In a study conducted by Symantec, they found that of the employees who take company data, 64% took old emails, while 62% took history and hard copy files with them. Of least interest were PDF files (9%), Access files (8%) and source code (3%). The survey also noted that most employees take hard copy data (that is, paper documents); the next most popular media are CD's and DVD's (53%) and small USB drivesw (42%). Over a third of the ex-employees who took files (38%) sent the data as e-mail attachments to their personal accounts.
What can you do? The report mentions the following options:
- Ensure that policies and procedures clearly state former employees will no longer have access to sensitive and confidential information they used in their jobs. This includes information on laptops and other data bearing devices as well as paper documents. The policy should outline what information is considered sensitive and proprietary.
- As part of the exit interview, the supervisor/business unit manager and/or someone from IT security should conduct a thorough review and audit the employee's paper and electronic documents. This includes checking electronic devices and paper documents.
- Prior to the employee leaving, the company should monitor his/her access to the network or system to make sure sensitive and confidential information is not being downloaded or sent to the employee's personal email account.
- Steps should be taken to ensure that the former employee is not able to access the company's network or system once the relationship has been terminated.
- Extra precautions should be taken with former employees who have been asked to leave and/or are disgruntled. As the study reveals, emploees who have unfavorable views of the employer are far more likely to steal data.
I strongly recommend that you also work closely with your local computer consultant, who specializes in security, to look at your policies and systems to ensure you are doing everything you can to be as secure as possible.
One important reminder is to take the necessary steps in hiring employees that are honest and ethical. These upfront procedures will help protect your company on the back end.
Having clear policies in place and a "to do" list of tasks when employees leave are imperative measures to help keep your company's valuable data safe and secure.
Share your thoughts – add your comment to this posting. (You must be logged in to comment; to log in, click “log in” at the top of this page.)