More than 50% of staff steal company data when they leave
Online, October 21, 2009 (Newswire.com) - Symantec and the Ponemon Institute, a leading information management research firm, announced the findings of a joint survey of employees who lost or left a job in 2008. Their research findings reported that 59 percent of respondents admitted to stealing confidential company information such as customer contact list. Of the respondents who admitted to the data theft, 61 percent reported having a negative view of their former employer.
The survey results revealed that the data stolen by employees included e-mail lists, customer contact list, company records. The most common medium of data theft was through CD / DVD burning (53%), followed by USB thumb drive (42%) and finally sending email attachments (38%).
The results also revealed that many of these instances of data theft could have been prevented, if the companies had implemented precautionary measures and technologies. Over 80% of respondents mentioned that their employers did not perform an audit of electronic documents before they left their jobs.
Others revealed that they still had access to their company's computer system or network even after they left the company.
The situation of data theft is also equally prevalent in Singapore. Just in 2009, seven Citibank employees were charged for data theft under the Computer Misuse and Banking Act. The ex-Citibank employees accessed confidential client information before they left (Citibank) and tried to bring them over to their new employer (UBS).
The case study emphasizes the fact that data theft is a very real threat to companies. With greater mobility of both employees and sensitive information, companies cannot risk letting their guard down in protecting their confidential, business critical information. With proper mechanisms and procedures in place, companies can track any foul play and get consequential evidence against the ex-employees who attempt to steal information before they leave the company.
In such cases of computer crime, computer forensics is used to track and reveal the foul play that has taken place. Digital evidence is highly malleable; it can be easily destroyed or altered if not handled professionally, even by just booting up the suspected computer with a quick browse. Therefore, it is important that as soon as breach is suspected, the company should enlist the help of a computer forensics expert to verify the suspicion and should not attempt to do the investigation without proper techniques and expertise. Instead, companies should approach computer forensic investigation companies for proper evaluation and advice.
Adroit Data Recovery Centre (ADRC) Pte Ltd is South East Asia's leading data recovery centre equipped with the first Class 100 clean laboratory in Singapore. It has an un-paralleled capability and the setup to acquire and collect the digital evidence from all kinds of working or damaged media while observing the strictest process of computer forensic investigation.
ADRC's team of qualified forensic experts is also equipped with the technical expertise of networking, system security and cryptography in order to perform a complete investigation. Moreover, ADRC is able to provide court-ready reporting of digital evidence for civil and criminal litigation through the installation of rigorous forensic methodologies in order to identify, acquire, preserve, analyze and document digital data (electronically stored information) for use as evidence in court or other legal or administrative proceedings.