Deep Secure
A report from British security firm Deep Secure has highlighted a worryingly high number of employees would exploit their companies data for their own gain.
Deep Secure produced the report, titled “What Is The Price Of Loyalty” which revealed that almost half of the questioned employees would be willing to sell corporate information to people outside the organisation, with 25% of those willing to sell for as little as £1,000
Insider Threats
59%
Of respondents reported that they had taken company information from the corporate network or devices.
| 19% IP |
11% Client or Customer information |
7% Company assets |
| I.P and personal work they had completed. | Contact details of clients. Sales Details. Information about the customers company. |
Logon information to external services (databases, subscription services, company benefits) Employee information. Company or customers credit card details. Product codes, patent information and product specifications. |
Insiders, usually employees but it covers anyone who has access to the private part of the network, were complicit in 28% of data breaches in 2017.
While 34% of those who took information from the corporate network did so because they thought it would be of value to them in a new role, 55% admitted to giving the data to a third party in exchange for payment. This was particularly notable amongst employees who had been at the company for less than 3 years.
Getting the data out
Methods used to extract the information from the corporate network included printing, making handwritten notes, taking photos, Email, saving to cloud storage services and saving to an external storage device.
Only a small percentage of those using a digital method tried to hide their tracks, using encryption techniques.
Protecting your information is essential, not only from a business reputation point of view, but also from a legal point of view, taking company data without permission, is theft.
If the information that is taken includes any personally identifiable information, your organisation could be fined for the data breach under the GDPR.
We can assess your data risks and design safeguards around your precious data to help prevent data theft.
2 Comments
Danial F · August 5, 2019 at 9:09 am
There is no way to stop an employer from steeling your data, even when you catch them doing it theres no way to get the ddata back or to fine them. We had this happen to us, we are a sales team and we had two staff sell our sales lists to other companies without us knowing, then go to work for them. This should be a law that protects us.
tinsleyNET Admin · August 6, 2019 at 3:18 pm
Hi Danial
There are solutions that can be put into place to make it very difficult for an employee to extract data from your corporate network without your knowledge, different solutions depending on the type of network you have in place. With the right network configuration, an audit of data can be kept so you can monitor who accesses what, where and how.
As with all security solutions, using tech is only half the battle, making sure staff are kept up-to-date on your data policies, keeping them informed on data security policies and practices and making sure they know what to look out for is the other half.
We can help with all aspects of your data security, from auditing access, restricting the ability to extract data and making sure you have a secure recoverable copy of your data, to monitoring how it’s used, and implementing data security policies across your organisations. #WeCanHelp