Protect against your staff stealing valuable data

Businesses are facing an increasing threat from staff who steal valuable data to help them set up a rival firm or take to a new job with a competitor, according to recent research.

A survey by the security software company Symantec found that 56% of employees don’t think it’s a crime to use competitive data taken from a previous employer. More than 50% of those who lose their jobs keep confidential information, and 40% plan to use it in their new job.

A spokesperson for Symantec said: “Companies cannot focus their defences solely on external attackers and malicious insiders who plan to sell stolen IP for monetary gain.

“The everyday employee, who takes confidential corporate data without a second thought because he/she doesn’t understand it’s wrong, can be just as damaging to an organisation.”

Employers will clearly want to implement technical security measures to reduce the risk of data being stolen, but there is also a great deal they can do to protect themselves from a legal standpoint. It’s important to ensure that staff contracts include restrictive covenants to prevent the misuse of confidential information during the period of employment, and afterwards when the employee leaves the company.

Employers can reduce risks by reviewing staff contracts and updating where necessary as an employee’s status changes. This is important because it is not uncommon for firms to leave staff on basic contracts long after they have moved up the ladder from junior to senior positions. By that time, they may have access to highly valuable data but not be subject to any formal restrictions on how they use it.

Employers should also have procedures in place for dealing with an employee’s computer and other data storing devices once they leave the business. This equipment is often wiped so it can be used by another employee, but this runs the risk of deleting evidence that the employee had copied or downloaded valuable material before leaving.

A thorough check should be made before any devices are wiped.

Restrictive covenants can help to reduce the risk of misuse. However, they need to be drawn up properly. If they are not strict enough, they may not be effective, but if they are too strict or impose too long a time frame limiting an employee’s actions once they have left the firm, the courts might not uphold them.

For more details contact Paul Stevens - 020 8290 7422

to chat