Many administrators focus their information security practices on preventing external threats like malware infections or unauthorized system access that leads to data leakage. However, a considerable amount of groups do not consider internal risks like employee theft. Especially within an organization that leverages a BYOD practice, it is vital to include endpoint data protection for better oversight of company property and to prevent employee theft.
According to a recent University of Cincinnati survey, 64 percent of small businesses have been the victim of some type of employee theft. This can include the unauthorized removal of both physical and digital assets that could spell disaster if the content falls into the hands of competitors. However, although more than half of these organizations have experienced internal theft, only 16 percent of groups report the incident to authorities.
“It’s important to look at this topic because such theft represents a loss to the tax base and would seem to put such businesses at risk, and so, put our overall economy at risk,” said UC doctoral student Jay Kennedy.
Furthermore, this type of event most often occurs when employees are departing from the company, according to The Wall Street Journal. In today’s technological environment, data leakage has become easier for workers as well.
“Workers who wanted to take confidential corporate information with them when they left a company used to have to sneak paper documents out the door,” The Wall Street Journal stated. “Now, in a few clicks, corporate secrets can be downloaded to a mobile device or uploaded to an online storage service.”
The news source stated that this type of data leakage often goes unreported as well. However, these instances are important to bring to the attention of authorities to ensure that security breach tactics can be improved for the future.
Additionally, companies should be sure to employ endpoint security programs for improved data governance and to ensure that workers profiles allowing them to access company resources are deleted upon their departure from the organization.