Data Theft - An Inside Job
In recent years, employers have become increasingly vulnerable to resentful employees misusing or stealing electronic data. John Holden looks at how employers may be at risk and how they can protect themselves.
As more and more businesses rely on technology for essential processes, it is no longer enough for them to think only in terms of controlling access to physical documents.
Modern technology allows for the transfer and/or exchange of huge volumes of electronic data in a matter of minutes. Unfortunately, this means that a disgruntled or departing employee can easily destroy, steal or misuse valuable proprietary information. He/she may even choose to pass on commercially sensitive data to a competitor, leaving his/her former employer potentially exposed to a loss of profit and/or costly litigation.
The internal risk
Employees often wrongly believe that the work they do on their employer's computer and the information stored on it belongs to them. But in most situations the information and data stored on the computer belongs to the employer, even if personal in nature.
Some employees would not hesitate to remove business information using portable storage devices, such as memory sticks or even mobile phones, or by burning data to CDs or DVDs. If it is not possible to remove data physically, they might email it to a personal account, such as Hotmail or Yahoo.
Businesses sometimes find that a vindictive departing employee has deleted or destroyed data and, on occasion, gone to extreme lengths to wipe all information from a computer or other electronic device. There have even been cases where equipment has been physically damaged.
Prevention better than cure
Businesses can safeguard their electronic data by introducing and enforcing policies that cover:
information security
practical acceptable usage
custody and physical handling of electronic devices.
It is vital that all staff are aware of the requirements that these policies place on them.
When it goes wrong
The demand for forensic technology services grew largely out of the need to recover and rebuild computer records and data for use as evidence in criminal proceedings. Such capabilities are now becoming a necessity in employment disputes and commercial litigation.
The following two examples involve the misuse of data.
Cracking the case
Two company directors were discussing staff bonuses via email. Attached to the email was a Word document listing the proposed...
To continue reading
Request your trial