Handling Employees To Prevent Corporate Espionage
Companies today must remain vigilant in order to prevent their trade secrets and other confidential information from being compromised.
Such concerns stem from both outside and inside the organization. Increasingly common, employees often intentionally or unintentionally “leak” confidential information stored on company computers, laptops, or networks.
The following is a recommendation list of options for use by companies in an effort to prevent breaches of data made by employees:
Preventing Data Breaches
- Monitoring of all electronic devices used to access information, including company computers, cell phones, and other devices.
- Outside of the office, monitoring the use of employee postings to social media and discussion boards–especially those that are outside of the company intranet could be useful.
- Restricting or not allowing the use of non-company devices on company computers and networks, such as CD/DVD writers, USB flash drives, and other media.
- If possible, restrict employees to only use the company intranet. If not a possibility, restrict access to only websites or areas of the Internet needed to perform their job.
- Require employees to change passwords frequently. Require that passwords be comprised of a minimum of 8 characters consisting of upper and lower case letters, numbers, and special characters.
- Employers should consider installing surveillance cameras and audio recording equipment, if allowed by law, to deter potential information gathering and distribution of confidential company information. It is important that this surveillance also be monitored closely.
- Confidential designations and markings should be kept on all confidential information.
- Special care should be taken to closely monitor the electronic equipment and behaviors of employees who will soon be leaving employment with the company, as espionage is statistically more likely at that time.
- Education of employees regarding their responsibility to keep non-public company information confidential is essential.
- Teach employees to be vigilant of suspicious activities, including emails from unknown sources and potentially dangerous email attachments.
- Employees with access to confidential data should be made to sign a non-disclosure and non-compete agreement in order to give the company additional legal recourse in the event that an employee improperly discloses confidential information or customer data.
- At the initial employment stage, potential employees should have background checks or security clearances performed. In addition, a thorough history of employment and references should be obtained.
- Create an anonymous tip line where employees can report suspicious activities of others believed to be involved in corporate espionage.
- Provide information to employees on an as-needed basis only. Employees should have access to only the information needed to do their job.
- Companies should conduct internal investigations and follow up on reports of corporate espionage, including a method of reporting incidents to law enforcement (if needed).
Employees should be swiftly disciplined (which may include termination) for failure to follow company policies regarding the handling of confidential information.
The Take Away …
This list, although not exhaustive, should certainly provide some security policies and procedure ideas designed to protect a company against corporate espionage. Remember…prevention is the key when it comes to protecting confidential data.
By Victor Joel Harvey / Edited By Taylor Ritchey
as well as
in the first place
in the same fashion / way
first, second, third
in the light of
not to mention
to say nothing of
by the same token
not only … but also
as a matter of fact
in like manner