Many organizations have found that one of the greatest data threats they face is not an attack from external actors, but from within, from employees who move on to another company or to branch out on their own.
Not only is an employee taking their experience and know-how with them, they may well be taking some of your data and intellectual property. It is easy to overlook the amount of data an employee may have stored in the cloud that they could take with them, to the advantage of their new employers or their own business. Surveys have shown that 63% of employees admit they brought data from their old employer to a new one. Furthermore, employees who have been dismissed or have left due to a grievance could damage your operations by releasing your confidential data or even attacking your system using data they have taken with them. To protect against this threat from within, good data management processes are essential. Don’t try to keep them secret: make sure every employee knows where they can store company data, how it can be used, and what applications they can use it with. Having an open security culture and explaining the reasons for its existence is crucial; if employees are aware of your data rules, they are less likely to breach them.
Research has shown that three-quarters of employees believe that data they create while working for a company still belongs to them, and you need to address this concern properly; after all, when employees leave, you don’t let them take their company phones, iPads, or office furniture with them, and the same should apply to data. Make sure that all data is carefully monitored so that you know where employees are storing it and how to get it back if they leave.
Safeguarding your data is an ongoing process, and you should run ongoing training for your employees making it crystal clear what sort of data belongs to them (e.g., personal contact lists) and what belongs to the company. Technology has a big part to play in this process; too many companies have focused on stopping data from leaking either by accident or through hacking, and have not paid enough attention to departing employees who could simply walk out with the data. Numerous security programs are available that will track data throughout your company and alert you if it looks as though it is being used in an inappropriate manner or released to others.