
Comment: Exit strategy - How forensic ready are you?

06 January 2010
Duncan Gardiner, Epiq Systems

Losing a key employee is never easy, but it can be harder still if they take confidential company information with them. Duncan Gardiner, director of forensic services at Epiq Systems, outlines the steps that companies can take to protect their positions, both before and after such an event.

Knowledge is power, and the growing power of technology means that employees may be privy to a good deal of a company's key information. There is much commercial value in a company’s data – for instance, customer details, pricing information and business plans. These are often the types of information that departing staff may seek to take with them.

The multiplicity of technological devices that are now given to employees means that this has become a greater risk than ever before. It is now common for staff to be provided with company laptops, BlackBerries and web-based platforms, or to be allowed remote access to company servers. A company that recognises the benefits this technology affords will provide the employee with the tools to work from home, the airport lounge or a hotel room, and expect the person to use that technology within agreed boundaries.

While these technologies improve the productivity of your staff, they also increase the risk of sensitive data being taken by exiting staff without their employers' knowledge, with employers often realising it only when it's too late. In a flexible environment it is common to see employees using company resources for their own private needs. While this may do little harm, abuse can occur once a person has decided to leave the company. The technology becomes the means to transfer sensitive company information or organise a team defection.

The access to information afforded to employees is typically backed by contractual obligations or company information security policies. However, these documents may be drafted by individuals who have little technical IT knowledge and may not be au fait with the ongoing changes in a company’s IT infrastructure and the new security risks that technology may present.

The situation is further complicated by the fast pace at which new technologies are devised and implemented. This makes it hard to keep track of which individuals have access to particular technologies or data sets. Consequently, it is a challenge to keep track of the information that a departing individual might take with them.

Employee exit

The vast majority of misappropriated information is discovered well after an employee has departed, often after they have already made use of the data. Company resources such as laptops, BlackBerries and server space are valuable. Normal commercial pressures mean they need to be recycled. Consequently, a person’s key data is often inadvertently destroyed when (for instance) a laptop is handed to a new user. Before such transfers occur, it is crucial to take steps to preserve an employee’s information on some less expensive medium.

Even if data is collected from departing employees, all too often the collection task is delegated to individuals with little or no investigative experience and insufficient understanding of the forensic impact of their actions. This is dangerous, since data is vulnerable to inadvertent change if care is not taken during its collection and review. Legal advisers have to meet tight deadlines sanctioned by financial penalties (for instance a response to the regulator) and can place technologists under extreme pressure during the data collection exercise. Individuals lacking experience in this process may rush to provide data for review without taking the proper precautions to protect its evidential weight (chain of custody) and so risk key evidence being thrown out by the court. Preparation and process are the key to ensuring a company does not fall into this trap.

Prevention check list

Here are a few preventative steps your company can take to protect company information.

  • Make sure you understand the risks any newly introduced technology presents.
  • Review information security policies regularly to ensure they stay current and fit for purpose.
  • When employees are exiting your company, back up their data and store it for a reasonable period. This will enable you to recycle any equipment immediately but still be in a strong position should an issue arise.
  • Compensate for any lack of internal skills by identifying external help.

If you follow these steps prior to an actual incident you will reap the benefits of being properly prepared.

Duncan Gardiner is Director of Forensics at Epiq Systems. He brings over eight years of forensics experience. Epiq Systems is a leading provider of integrated technology solutions for the legal profession, enabling clients to streamline the administration of bankruptcy, litigation, financial transactions and regulatory compliance matters. For further information please visit www.epiqsystems.co.uk

 
