Do you worry about the information, data, and other property your employees are taking with them after a resignation or termination? If you believe the results of a recent survey conducted by Symantec, if you're not worried, you should be.
According to the survey, half of employees who left or lost their jobs in the last 12 months kept confidential corporate data, and 40 percent plan to use it in their new jobs. The results are jarring:
- Sixty-two percent of employees believe that it is acceptable to transfer work documents to personal computers, tablets, smartphones, or into the cloud, and most never delete the data they've moved.
- Fifty-six percent see nothing wrong with using a competitor's trade secrets.
- Given the example of a software developer who develops source code for a company, 44 percent believe the employee has some ownership in the work and inventions.
- Fifty-one percent think it is acceptable to take corporate data because their company does not strictly enforce policies.
- Employee education: Organizations need to let their employees know that taking confidential information is wrong. IP theft awareness should be integral to security awareness training.
- Enforce non-disclosure agreements (NDAs): In almost half of insider theft cases, the organization had IP agreements with the employee, which indicates the existence of a policy alone—without employee comprehension and effective enforcement—is ineffective. Include stronger, more specific language in employment agreements and ensure exit interviews include focused conversations around employees' continued responsibility to protect confidential information and return all company information and property (wherever stored). Make sure employees are aware that policy violations will be enforced and that theft of company information will have negative consequences to them and their future employer.
- Monitoring technology: Implement a data protection policy that monitors inappropriate access and use of IP and automatically notifies employees of violations, which increases security awareness and deters theft.