Email is most common method employees use to steal data

20 Oct 2009

Email is the most-used method to steal information from companies by employees, according to Ireland’s leading computer forensics and information security company Espion.

The old-fashioned hard-copy printouts are the second most-popular method used to steal information from employers. Mobile devices, such as USB memory sticks and data CDs, are not as commonly used, accounting for less than 10pc of the cases where data has been stolen from an organisation.

Loyalty becomes irrelevant

“As employees become concerned about their own welfare, regardless of their loyalty in the past, there is a greater likelihood that they may turn on their employers,” Colm Murphy, technical director with Espion, explained.

“When employees feel that their position is threatened, or they are on notice, they may look at sensitive data as a valuable commodity that can be used for their own gain – to the detriment of their employer,” Murphy added.

“As companies take steps to safeguard systems and data from external attacks, they need to turn their attention to the threat that exists from within the company.”

Insider data theft may be easily unnoticed

Murphy highlighted the need for companies to incorporate inside threats into the Information Security programmes. “Insider data theft often goes unnoticed as the perpetrator has all of the required permissions for accessing data. No alarms are triggered and the crime can be committed virtually undetected.”

In today’s digital world, a company’s most-valued and sensitive data is no longer under lock and key. Information is stored in files and folders, accessible virtually and in daily use by huge numbers of users. Keeping it secure from an internal breach, while allowing it to remain accessible to the majority of non-malicious employees, is a challenge.

Tips to fight insider data theft

Among the steps Murphy recommends businesses take to combat insider data theft are:

-Review the lists of which employees have access to which parts of the network – restricting access to sensitive material to fewer people.

-Ensure computers are equipped with programs that required difficult-to-crack passwords and password-protected screensavers.

-Administrator privileges that give users broad access to systems should be tightly managed. Although users often request rights to carry out legitimate activities, such as a defragmentation, they could also use this “access all areas” for more malicious reasons.

-Watch out for any users repeatedly trying to access data they are not supposed to.

-Deploy monitoring/alert systems to provide real-time alerts to suspicious network activities. 

-Audit paper and electronic documents of any employees leaving the organisation.

“Not only is digital information easy to access from the inside, removing it is also quite straightforward. Email, printed copies and USB memory sticks make the transfer of stolen data extremely quick, easy and very discreet,” Murphy added.

By John Kennedy

Photo: Companies may want to incorporate inside threats into their Information Security programmes.

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years