In small and mid-market companies, employees are the greatest source for theft of the confidential information and trade secrets of the company and its vendors. Surprisingly, there are three free or low- cost cyber theft reduction and tracking tools every company should incorporate into its IT infrastructure.
Trade secret Theft by Employees Typically Occurs in One of Three Ways
1. Employees email trade secrets from their company email account to their personal email address or that of a competitor, and then delete their sent email immediately. This act goes undetected because most email platforms perform only daily back-ups of the email server.
2. Employees plug a thumb drive or other external memory storage device into their company-owned computer and download the company's information onto the external memory storage device.
3. Employees connect to an internet-based cloud storage service such as Microsoft iDrive and upload company information to a cloud storage account.
Critical Basic Information Tracking and Information Preservation
Three easy and low-cost cyber theft reduction tools every company should incorporate into its computer network and IT infra structure:
1. Email Enterprise Vaults are a feature that exists on most hardware-based network and email servers and can be selected with most cloud-based server subscriptions. These enterprise vaults make an automatic non-alterable, non-deletable copy of every email sent or received as soon as the email is sent or received. This prevents employees from hiding the evidence of their emailing company confidential information and trade secrets to themselves or a company's competitors. In the event of litigation, companies who use enterprise vaults do not have to worry about receiving litigation preservation letters since the evidence is automatically preserved and the company cannot be accused of deleting or hiding emails.
2. Anti-Deletion Programming is a setting that can be placed on most servers at little or no cost. This programming prevents employees from permanently deleting documents created or saved on the company network. Senior executives are given a secret code that, when used, automatically restores anything that had been deleted within a stated time frame. A report is also automatically generated that tells these senior executives who deleted the trade secret information and when they deleted such information. The use of anti-deletion programming is a critical tool to prevent loss of critical trade secret and confidential information and detection of the identity of the thieves engaging in such misconduct.
3. Key Stroke Surveillance Software is a relatively inexpensive software that is incredibly valuable as an anti-theft tool. This software tracks every key stroke of every user on the network. It will detect if a user is trying to improperly download, copy, print or delete information that these users are not authorized to use in that manner. Also, it will send an automatic warning to key senior executives if an employee is accessing information the employee should not be accessing or is doing something with that information that the employee is not authorized to do.
Before a departing employee's exit interview, a company can run an activity report to make sure that the employee has not tried to steal company confidential information or trade secrets before the employee's departure. This software will also provide forensic evidence of theft that will be invaluable in court or the police to prove the employee's misconduct.
Conclusion and Takeaways
It is critical for a company to use the suggested information preservation and tracking technology to deter theft. If theft occurs, it is also critical to be able to have recorded all of the tracking information that will identify who, how and when a company's information was stolen.
Copyright ©2018 Paul C. VanSlyke
Hoover Slovacek LLP
5051 Westheimer Suite 1200
Galleria Tower Two
Houston TX 77056