March 27, 2015
Recently at one of our clients, a group of employees decided to set up a competing business entity months before resigning from their employer. In the months before their resignations, these employees had access to and participated in the development of the client's strategies for bidding on a lucrative contract. These employees, however, did not reveal to their employer that they had set up a competing company or that they were planning on bidding on that same contract once they quit.
This client was hardly alone in facing possible data theft and cover-up efforts by employees. At the end of last year, for example, a former Societe Generale, or SocGen, New York trader was found guilty of stealing high-frequency trading software code from the financial services company and using it to develop a similar system for a different company. As part of his job, this employee had access to portions of code for the high-speed trading software developed and used by SocGen. In June 2009, he was captured by surveillance cameras while printing out the code he had access to and leaving with hundreds of resulting pages in a backpack.
The following measures will put a company in a far better position to prevent and respond to data theft and computer scrubbing, rather than having to scramble after the fact:
If there has been data theft and related computer scrubbing, promptly assess the damage: What was taken, how, by whom and where was it sent? Given the often uncensored use of emails, a review of emails will likely be a great place to catch a trail, which is where the company's computer/email usage policy will come in handy.