Every year around this time while the spirit of the holidays is rolling in and the yuletide joy is being felt by many, Corporate America is going through another transformation behind the scenes. Many companies’ fiscal years end in December and a bad year could result in downsizing and a good year means growth and rebirth and a massive effort to recruit top talent to improve the organizations bottom-line the following year. This transformational time of year is also when departing employees choose to say goodbye and head toward supposedly greener pastures.
Is Nothing Proprietary Anymore? Some Departing Employee Statistics:
Next time you get that notice slip from a key executive who is potentially leaving for the competition keep the following statistics in mind. According to the Ponemon Institute, an independent research company who focuses on privacy, data protection and information security, 50% of employees who left or lost their jobs kept confidential information. Of those departing employees, 40% planned to use confidential information from a previous job at the new organization. If you look at the Bureau of Labor Statistics the average worker stays at his or her job for 4.4 years. The expected tenure of the workforce’s youngest employees is about half that number. Ninety-one percent of Millennials will stay in a job for less than three years according the Future Workplace. What does this all mean? It means padlock the china cabinet and bolt the chairs to the floor, because A LOT of company property is going out the door and into the hands of the competition.
Some Ideas for Protecting Company Information;
Below are some IT-related tasks to implement when a key executive parts way with your organization.
- Collect and preserve all company property issued to the departing employee (e.g. desktops, laptops, cell phones, iPads, notebooks, flash memory drives/devices).
- Confirm that no unauthorized information, file, document, or email transfers have occurred.
- Review computer access and print logs to determine if there has been any unusual or unauthorized use.
- Review internet history to determine whether third party storage sites were used.
- Review employee’s work email to determine whether third party storage sites were registered for and used.
- Review social media accessibility and retrieve all passwords.
Finally, consider having all electronic devices, mapped network drives and mailboxes forensically imaged and analyzed by a competent forensic investigator. Most common backup tools, including ghosting software, may not allow an investigator to analyze deleted files, internet history and unallocated space which can be the panacea of information. When engaging a third party forensic company make sure that the investigator has experience in these types of investigations, ask for the investigators CV and resume, and ask for a quote. Many times, data forensic companies who specialize in trade secret and breach of contract investigations will offer a reasonable flat-rate for a top level investigations.
Ponemon Institute (http://www.ponemon.org/)