Protect your business against staff stealing valuable data
Businesses are facing an increasing threat from staff stealing valuable data to help them set up a rival firm or to take to a new job with a competitor, according to recent research.
A survey by the security software company Symantec found that 56% of employees don’t think it’s a crime to use competitive data taken from a previous employer. More than 50% of those who lose their jobs keep confidential information, and 40% plan to use it in their new job.
A Symantec spokesman said: “Companies cannot focus their defences solely on external attackers and malicious insiders who plan to sell stolen IP for monetary gain.
“The everyday employee, who takes confidential corporate data without a second thought because he/she doesn’t understand it’s wrong, can be just as damaging to an organisation.”
Employers will clearly want to implement technical security measures to reduce the risk of data being stolen, but there is also a great deal they can do to protect themselves from a legal standpoint.
It’s important to ensure that staff contracts include restrictive covenants to prevent the misuse of confidential information during the period of employment and afterwards when the employee leaves the company.
The recently reported 25% increase in businesses taking court action against employees who misuse confidential information shows that the problem is becoming more widespread.
Employers can help protect themselves by regularly reviewing staff contracts and updating where necessary as an employee’s status changes. This is important because it is not uncommon for firms to leave staff on basic contracts long after they have moved up the ladder from junior to senior positions. By that time, they may have access to highly valuable data but not be subject to any formal restrictions on how they use it.
Employers should also have procedures in place for dealing with an employee’s computer and other data storing devices once he or she leaves the business. This equipment is often wiped so it can be used by another employee, but this runs the risk of deleting evidence that the employee had copied or downloaded valuable material before leaving.
A thorough check should be made before any devices are wiped.
Restrictive covenants can help to reduce the risk of misuse. However, they need to be drawn up properly. If they are not strict enough, they may not be effective, but if they are too strict or impose too long a time frame limiting an employee’s actions once they have left the firm, the courts might not uphold them.
Please contact Sing Li if you would like more information about the issues raised in this article or any aspect of protecting your business.