Viruses, spyware, adware, phishing and hacking, not to mention spam delivering fraudulent activities through malware and organized criminal activities. The threats from cyber criminals is ever present in the minds of most bosses as even the most basic SMBs rely heavily on digital resources. However, whilst guarding against external attack, it’s important for company chiefs to be wary of the damage and harm their own allies can cause too. Data breaches from the inside accounted for close to USD$40 billion in costs to companies in 2013.
“…With just 40% of data breaches coming from outside sources, the need for employee monitoring is a real one. By the time many breaches are discovered data has already been able to be compromised…”
2015 Data Breach Investigations Report
Danger Signs
Malicious data thefts are motivated by vindictiveness, where an employee wants to create damage on purpose, or in order to make some financial gain with a competitor.
Some employees have a perception that they have a right to utilize data they may have spent time and energy collating; ignoring intellectual property rights along the way.
Employee monitoring can help pick up when an employee feels disgruntled or wants to use data for future use, perhaps with a competitor company,:
- Accessing confidential data and/or downloading documents and transferring files onto thumb drives or via IM (skype, etc.) and webmail (gamil, Yahoo, etc.)
- A change in non work-related Internet use as an employee slackens off on their expected duties.
- Job seeking online.
Most employee thefts occur in the final weeks
leading up to someone walking out the door…
Without monitoring all you can do is hope
they don’t take your data with them.
Employee Data Theft is Real
The facts speak for themselves. According to the Ponemon Institute, 60 % of quitting employees take some form of data from their company – be that an email list, customer contact or financial information.
The vast majority know what they’re doing is wrong but still do it anyway.
A recent Cisco commissioned study covering 10 countries revealed that 39% of companies had discovered an employee accessing the company’s network without authorization. Use of unauthorized programs accounted for 50% of data thefts, with 46% of employees admitting to sharing documents from their company’s network to their private computer.
60 % of quitting employees take
data from their company
Data Theft Can Be Costly
In 2014, telecommunications giant AT&T faced two data theft events by employees, one of which resulted in a USD$25 million fine to the company. The Federal Communications Commission (FCC) dispensed the fine following an investigation into employees taking the personal information thousands of US customers and selling these to a third party. The FCC estimated the theft had affected close to 280,000 customers.
Internal Threats Are Not Always Malicious
While there have been some big cases involving rogue employees maliciously attacking company data, the everyday reality is far less dramatic but no less damaging. Lack of training can mean employees become the gatekeepers and consequently the gateway to data breaches through misuse of systems, leading third party criminals to your treasure trove of confidential information. Add in poor security policies and you have a recipe for data disaster. Another employee-linked risk is the increased use of BYOD policies which can lead to data being mined from lost or stolen company devices.
With employee monitoring, companies have a better chance of spotting data thefts from within quickly, as well as providing a deterrent to malicious attacks in the future.
Digital Endpoint™ created KnowIT, a Cloud Based Employee Monitoring Software to provide companies with critical information regarding the digital behavior of their employees across Mobile Devices, Macs & PCs.
Want to learn more?