News, events, media, seminars and more
Companies of all descriptions share the risk of potential data breaches due to the actions of former or departing employees. This isn’t helped by the fact that data held within most businesses is now electronic, making it easy to copy and steal huge amounts of information.
A study conducted by the Ponemon Institute identified that 59% of employees who either resign or are asked to leave, subsequently take confidential business information with them. The study also found that 65% of respondents admitted to taking proprietary and confidential data that could affect their former company’s business competitiveness and result in a data breach.
There are various reasons behind the type of confidential data taken by employees, which can often be related to the reason for their departure. Are they disgruntled, in the process of being dismissed or leaving for a competitor? They also may not be leaving at all and could be stealing data for financial gain whilst remaining in their current employment! In 2015, an existing employee of AXA insurance was jailed for stealing customer data that was then sold onto a competing claims management company.
Types of data can include:
There are multiple mediums and approaches an employee can utilise to steal data from a company, such as:
Copying files to a USB storage device is one of the most common methods of data extrusion. External storage devices can hold huge amounts of data, are readily available and can be easily concealed.
In 2015, fitness technology company Jawbone sued Fitbit in California State Court. They accused its rival of “systematically plundering” confidential information by poaching several Jawbone employees.
These individuals downloaded Jawbone’s sensitive trade secrets and intellectual property such as business strategies and product information. According to court documents, thumb drives were used to download records, and programs were used to cover their tracks or erase system logs.
An obvious method of data theft is the use of a smart phone. Whether an iPhone or Android device, many smart devices have considerable storage capacities, with some modern phones even holding up to and beyond 256GB; more than enough storage to facilitate the exfiltration of confidential company data.
Another powerful method of taking company information is to simply take photographs of the screens from other devices! This can evade traces of access on the mobile phone itself, proving difficult to uncover wrongdoing.
Email transfer is another convenient and highly-accessible method for departing employees to syphon data. An individual can send large amounts of sensitive data to a personal email account, circumventing their business networks. In 2017, the ICO (Information Commissioners Office) prosecuted an employee for stealing data by sending emails containing commercially sensitive information from a work account to a personal account. The employee sent details of 957 clients to his personal email address as he was leaving to start a new role at a rival company.
Cloud storage services such as Dropbox, OneDrive and We.Transfer can be utilised to great effect given they are remotely-accessible by design. This allows for the data to be uploaded from, for example, a work computer and then accessed on third party devices where the data could then be downloaded onto.
Businesses can deploy basic data security methods to make it more difficult for disgruntled employees to steal confidential data.
Steps that can be taken include:
Technology and data security policies will help prevent casual data theft. However, a determined employee will still attempt to steal data, especially in circumstances pertaining to setting up their own business or leading to their own financial gain. If this occurs, digital forensics can play a vital role in identifying evidence of data theft prior to, and during legal proceedings.
Computer forensics experts can find and evidence instances of an employee’s improper conduct utilising specialised software, hardware and techniques.
Typical aspects of investigation include:
If you suspect an employee is stealing data from within your company, CYFOR can assist. Speak with one of our specialist Case Managers who will be able to advise on the best course of action to providing digital evidence in relation to your matter.
London: 0207 438 2045
Manchester: 0161 797 8123