Employees Remain Biggest Threat to Corporate Data
Does your company have rogue employees selling sensitive data and trade secrets to a competitor or identity thief? How would you know? By the time you find out, it is likely too late.
An audit of data theft cases by Palisade Systems, of Ames, Iowa concluded that the problem is larger than you might imagine. Over 65% of corporate data theft cases are attributable to employees. Either through theft or mistake, these employees caused the loss of more corporate proprietary information than competitors, thieves and hackers combined. Patent applications, research and development activities, trademarks, trade secrets and other sensitive corporate data are all at risk from accidental or intentional acts of employees.
To reduce these risks, it is imperative that every company have an employee handbook. The handbook needs to be updated regularly to address changing technology and procedures, such as those relating to confidential data transfer and security. At the very least, the handbook should address the following issues:
General Rules of Conduct (as well as unacceptable conduct)
Employment at Will (if applicable)
Resolution Process (written steps)
email policy (no expectation of privacy)
Internet Usage Policy (include monitoring procedures)
Performance reviews (at least annually)
Workplace Guidelines (attendance, dress, meals)
Blogging Policy (make sure it is specific to your company)
Document Retention (including litigation hold procedures)
Data Security (written guidelines and reporting procedures)
Data Confidentiality (signed by employee)
Non-compete agreements (if applicable)
Termination Procedure
Exit Interview
Rush Nigut of the West Des Moines, Iowa law firm of Sullivan & Ward, P.C. has been following the trend in his blog and has some simple solutions for reducing the impact of this potentially costly threat. Rush recommends a human resource audit, the outline for which is available free on his website.
The audit details the necessity of having appropriate termination procedures in place, including employee handbooks and exit interviews, before a termination becomes necessary. Well crafted termination procedures are probably the simplest and least costly way to prevent disgruntled employees from causing malicious damage to your company's invaluable data. For more information, contact Rush.
Brett Trout
An audit of data theft cases by Palisade Systems, of Ames, Iowa concluded that the problem is larger than you might imagine. Over 65% of corporate data theft cases are attributable to employees. Either through theft or mistake, these employees caused the loss of more corporate proprietary information than competitors, thieves and hackers combined. Patent applications, research and development activities, trademarks, trade secrets and other sensitive corporate data are all at risk from accidental or intentional acts of employees.
To reduce these risks, it is imperative that every company have an employee handbook. The handbook needs to be updated regularly to address changing technology and procedures, such as those relating to confidential data transfer and security. At the very least, the handbook should address the following issues:
General Rules of Conduct (as well as unacceptable conduct)
Employment at Will (if applicable)
Resolution Process (written steps)
email policy (no expectation of privacy)
Internet Usage Policy (include monitoring procedures)
Performance reviews (at least annually)
Workplace Guidelines (attendance, dress, meals)
Blogging Policy (make sure it is specific to your company)
Document Retention (including litigation hold procedures)
Data Security (written guidelines and reporting procedures)
Data Confidentiality (signed by employee)
Non-compete agreements (if applicable)
Termination Procedure
Exit Interview
Rush Nigut of the West Des Moines, Iowa law firm of Sullivan & Ward, P.C. has been following the trend in his blog and has some simple solutions for reducing the impact of this potentially costly threat. Rush recommends a human resource audit, the outline for which is available free on his website.
The audit details the necessity of having appropriate termination procedures in place, including employee handbooks and exit interviews, before a termination becomes necessary. Well crafted termination procedures are probably the simplest and least costly way to prevent disgruntled employees from causing malicious damage to your company's invaluable data. For more information, contact Rush.
Brett Trout
Other Related Topics:
Employment Law, Human Resources, Human Resource Audit, Corporate Law, Corporate Lawyer
Labels: employee monitoring, employment handbook, employment policies
