The deadly insiders
The enemy within is deadlier than the one without. As a business leader or entrepreneur, it is your business to keep a watch on the kind of activities staff conduct
The issue
Many current and former staff steal intellectual property. This makes the company less competitive. The easiest way to steal intellectual property is through using the PrtSc key on the computer; to print screen and paste in one-note or word document or a document like MS Excel.
The second common method of stealing intellectual property is where employees bring their own devices. Without a clear BYOD policy, it becomes difficult to manage the official company information stored on private machines like laptops, smart phones and other gadgets like iPads.
The third and deadly method is email forwarding. All official company emails are auto forwarded to the suspect’s cloud email like gmail or outlook or yahoo mail. In the end, the person has a copy of ALL official documents.
The common strategies to prevent intellectual property theft is disabling use of thumb drives on laptops and DVC/CDs; email keyword monitoring and enterprise wide document share management. However, with print screen options and saving in word or MS Excel, it becomes difficult to whitelist such documents since they are in a picture form and not text. Saving company information on private machines is tough because staff go home with their gadgets every evening and it becomes too complicated to examine the contents daily. It is easy for someone to go home and share confidential documents.
The email server admin can decide to make a copy of ALL staff emails by forwarding to their private cloud email without any notification. This is one of the deadliest strategy for intellectual property theft and company secrets disclosure.
The solution
Undertake a thorough security monitoring and surprise proactive forensics especially if your business is creating or managing trade secrets or those of others. Companies like law firms keep a lot of confidential data. There is need to implement network OCR forensics to note only index text, but also images for specific keywords. As you can imagine, enterprises keep a lot amounts of data. You need to be lucky to get someone trying to steal your trade secrets.
Consider engaging Summit Consulting Ltd as your cyber security manager for real time solutions like security as a service. With SeaaS, ALL your enterprise logs are captured in real time from all core servers and network devices and backed up in a remote location. Visit www.summitcl.com/security to learn more.
To download the Project Front Lines Report 2018, click here and scroll down
Responses