​How do you know when an employee is going to leave with all your corporate data?

  • David Gee (CSO Online)
  • 09 September, 2015 10:40

As the boundaries between work and leisure blur, it becomes an increasingly problematic question to answer. No longer it is the case the all files remain physically within the building; in truth corporate data is accessed from many locations and devices.

The real question remains – do we know when an employee is going to leave with corporate data? What clues exist to help you prevent this from happening?

I do recall some analytics that were run around which employees were the biggest users of external internet access. At the time it was just my team monitoring whether the recently changed policy of removing usage quotas was being abused or not.

My own observation at the time that there was a correlation between most of the Top 10 users and what I knew from Management Committee meetings to be many of the lowest performers in the organisation.

It’s the Quiet Ones

Often proven to be true, it is the individuals that you don’t suspect that actually are the staff that you need to actually monitor more closely.

This is particularly true when it comes to employees that are about to leave. Often they are the ones that are not taking leave. They may also be the diligent ones that are always working back when others have already left the office. Or in the case of mobile workers they are the staff that are logged in from home.

I’ve also seen firsthand that what the normal person who consider to be acceptable use of corporate assets – actually gets misinterpreted and remember a staff member who ‘borrowed” laptops to fund his gambling habit. Yes, and I did say ‘borrow’, that was the way he explained the situation.

However at the time I was more concerned about the potential data loss than the physical asset.

Silver Bullets

For most organisations, the approach to stop employees leaving with your data usually revolves around deployment of a Data Loss Prevention (DLP) Tool and or Email Filtering Tools. The real question is how effective are such tools in preventing the company’s secrets from leaving the building?

There is in reality very few silver bullets, these tools can be effective however they can provide 100% prevention. Just like an umbrella's that is expected to keep you dry when it rains. Clearly you are better with an umbrella but you will still get wet.

A DLP tool can prevent staff that are using an expected path to remove information and that’s where the story ends.

Gaps and Holes

It is the unexpected where the damage can be performed. Most organisations also try to prevent unauthorised use of Dropbox, Google Drive and other similar tools. The logic is sound that by blocking access of these tools to their user group it will prevent files being sent outside of the firewall without permission.

The truth is that there are a multitude of tools that can provide such functionality and the static ‘black list’ is just not dynamic enough.

It is only when you go to some of the major Indian outsourcers that you see that disabled USB and smartphones with cameras are outlawed. For the most part, we see that iPhones and Samsung phones are everywhere – thus taking a simple photo of a screen of data is the way such sensitive information can literally walk out the door.

What about old fashion print copies? Yes, while printing is monitored we really don’t check suitcases for removal of documents.

Social Media analysis

There are clues that can be found from mining Linkedin, Facebook Activity etc to see correlate poor performers and what these staff are posting on social media. There are specialist companies that do amazing forensics to understand who is connected to who. This analysis can look back in history and see patterns even when friends and connections have been undone.

Taking a larger data set, not quite big data of negative social media posts along with poor performer ratings, absenteeism can give you some interesting insights.

Yes, you can predict your employees engagement and more specifically when employees are going to leave with corporate data.

Blast from the past?

Try our new Space Invaders inspired video game NOW.

What score can you get ?