informa
/
Commentary

Your Employees Are Out to Get You

As yesterday's headlines of a massive insider security breach at DuPont make all too clear, your employees are more likely to be the ones stealing from you. And mobile technology is helping them.
As yesterday's headlines of a massive insider security breach at DuPont make all too clear, your employees are more likely to be the ones stealing from you. And mobile technology is helping them.There's a reason why people are sometimes escorted out the door when they are fired or laid off. If the person happens to have access to sensitive insider information or documents containing trade secrets, the idea is to get them off the premises before they have a chance to access proprietary company information and take it with them when they leave. The example provided by former DuPont research chemist Gary Min, who downloaded some 22,000 DuPont documents during his last few months with the company, is just one of many highlighting the risks posed by your own employees.

The prevalence of cheap, mass storage devices doesn't help. Think CD-ROMs, FlashDrives, iPods, Treos. If you wanted to steal company information in the old days, you had to literally take the paper or file boxes with you. Computers and tiny storage mediums have aided corporate crooks in making out like bandits. It's all too easy to download files, put them on a FlashDrive, stick the drive in your pocket, purse or brief case and walk out the door.

One way to combat the issue is to have strict policies in place that prevent employees from bringing mass storage devices into the building. These can be enforced at the front door with security checks that may or may not already be in place. (Of course, treating your employees like potential criminals doesn't exactly foster the best work environment, but what the heck.) Enterprise software providers also offer programs that will let network admins see what devices are connecting to their company's network, and kick them off if they aren't authorized.

The bottom line is, enterprises need to do their homework and figure out if and how sensitive material can leave the office, and then formulate a plan to prevent it.