The CEO called me in a panic. He had fired a poor performer earlier in the day only to find out that before the guy left the premises he wiped the hard drive on his computer clean and it looked like he saved a copy. Internal documents, work for clients, poof…gone. Disaster was avoided when in response to a pointed letter the disgruntled former worker later revealed that he had saved the information in another location.
A Symantec sponsored study completed earlier this year by the Ponemon Institute found that 59% of departing employees are stealing company data. The responses came from individuals who were fired, laid off or left on their own. It should be no surprise that they took customer contact lists, employee records and email lists. This was great information to use to get a new job and new customers.
Both current and former employees can take hard copy documents, download data to a CD, DVD or portable memory stick or simply send it to a personal email account as an attachment. Former employees may take these steps out of anger while those planning to leave mine the data for future use.
When employees have access to company data it would be impossible to stop every intentional or unintentional misuse. This does not mean that you allow the superstar sales person to use a client mailing list to send invitations to the charity event they are chairing. Your policy about use of company information should be clear, well documented and communicated often.
These steps will also help prevent data from growing legs:
- Terminate access to data, including on site and remote capabilities, for employees as soon as they are fired or laid off.
- Conduct a thorough review and audit of the employee’s paper and electronic documents.
- Monitor employee access to network or systems to make sure sensitive and confidential data is not being downloaded or sent to a personal email account.
Don’t wait until you are planning a lay off or termination to put procedures in place. Take steps to guard your valuable information every day.