In the modern world of near-constant high-profile cyberattacks, most companies are worried about external hackers breaking into their systems and stealing their data. While these hackers do certainly present a threat, an even bigger one is lurking right under your nose – your own employees. According to a recent Ponemon Report on the Cost of Insider Threats, the frequency and cost of insider threats —which include disgruntled employees— have increased dramatically over the past few years. Criminal and malicious insiders cost organizations an average of $756,760 per incident in investigation, response and remediation costs.
When employees leave a company, whether voluntarily or involuntarily, it is quite common for them to take sensitive and confidential company data such as intellectual property or trade secrets with them. Former employees may hang onto login credentials for wireless networks, company and customer information databases, customer relationship management (CRM) applications, social networks, and more. They may have copied sensitive information onto personal devices or personal cloud storage accounts.
Often, employees don’t have malicious intent when they take your data. They may forget that they’ve downloaded a sensitive file to their smartphone or think it’s okay to build a personal portfolio of materials they have created while working for your company. For example, the Federal Deposit Insurance Corp suffered an accidental data breach when a former employee unintentionally left the company with a storage device containing information and data relating to 44,000 customers.
However, if an employee suddenly resigns or leaves the organization on unhappy or bad terms, there’s a risk that these employees would try to harm the company by leaking confidential information about the company. The theft of this information can damage your company in various ways, including putting your company at risk of a regulatory violation, harming your competitive position, reputational damage, and revenue loss.
If your offboarding process doesn’t give you confidence that former staff no longer have access to your organization’s infrastructure, then chances are your environment is sprinkled with security gaps. That means former employees may still be able to delete files, misconfigure servers, alter data, or steal intellectual property. Here are some steps organizations should adopt to ensure that no data leaves with an employee who has resigned or was terminated.
To reduce the risk of employees taking information with them when they leave, employers should establish detailed and thorough policies and procedures focused on ensuring visibility into employee practices, limiting employee access to data, requiring encryption of sensitive data, managing devices properly, ensuring that data is backed up and archived properly, and ensuring that IT has access to all corporate data to which it should have access (some confidential data, such as HR data, should not be available to IT in all cases.
To support these policies and procedures, organizations should evaluate and deploy various technology solutions such as content archiving, file sharing and collaboration, encryption, mobile device management, employee activity monitoring, data loss prevention, logging and reporting, virtual desktops, and other solutions that will minimize the possibility of employees misappropriating corporate data upon their departure.
With data breaches becoming increasingly prevalent in the workplace today, coupled with a handful of potential thirsty-for-revenge employees, organizations need to take extra precautions to safeguard the company whenever an employee leaves. As one of the top cybersecurity consulting firms in Indiana, Schilling IT helps organizations of all sizes ensure that they are properly protected from any potential breach when employees leave their employment. We provide comprehensive cybersecurity solutions to secure your organization from all cybersecurity threats (external and internal). Contact us today to schedule a consultation with one of our cybersecurity experts and get a free quote.
My experience with Schilling IT has always been excellent. For the most part, Cirro Ramos has been the person to assist me. Cirro is consistently pleasant, knowledgeable, and patient. He never stops until my problem is resolved. I am so grateful that our organization has Schilling IT to help us with our needs!
~ Angela HarrisSchilling IT provides a personalized, expert solution for all our IT needs and even more. They have never avoided helping us with anything related to technology even if it may fall outside their typical course of business. They have been the complete solution for anything relating to computers, technology, and IT. Their response time has always been fast.
~ VJ DamasiusSchilling IT and all of their employees are excellent!!! They always take care of any issues we have in a timely manner and I would recommend them to anyone!!
~ ShannonGreat customer service, and quick!!! Total professionalism on appearance and demeanor. Completely satisfied with the work we had performed.
~ Kerry drakeSchilling IT is professional and quick to resolve your IT problems. I highly recommend their team!
~ Jorie Jones-Prather