Balancing Work Efficiency with Data Security

Id like to invite you to comment on finding new ways to improve employee efficiency (thru access to corporate data) with balancing it against the risk of losing confidential corporate data due to employee theft.

More than one third of employees would steal sensitive company information if they thought they could earn a decent price from the theft, says Infosecurity Europe.

Research by the security event organiser revealed that of those willing to steal sensitive data, 63 percent would expect at least £1m for their troubles, while 10 percent want enough to pay off their mortgage. Worryingly, 2 percent admitted all they’d want in return for data theft was a slap up meal.

Infosecurity Europe also said that 68 percent of staff believe it’s easy to steal sensitive company data and 88 percent claimed the information they had access too was valuable.

“Criminals are very adept at finding the vulnerable workers who can be tempted into betraying their employers, therefore, organisations should ensure that they have trained their people to protect sensitive information and have adequate technology and processes in place to help them enforce security policies that comply with current regulation and legislation,” said Tamar Beck, group event director, Infosecurity Europe.

http://www.networksasia.net/content/one-third-employees-would-steal-sensitive-data

My personal views would really be to start with proper vetting of employees at the start of the hiring process itself. Then couple this with values formation and corporate data use guidelines. Obviously, using desktop monitoring (keyloggers etc) would be a big help, but then you would get into issues of privacy and employee morale….

Hmm.. what do we do?

One Response to “Balancing Work Efficiency with Data Security”

  1. Providing the right infrastructure is the right approach. And by that I mean you are right in that you should make sure to hire people with integrity, provide the right culture and the right incentives so that people will value honesty and integrity. From a process standpoint–policies regarding security and ethics should be clearly and explicitly articulated. From a technology standpoint–you can use technology that unobtrusively monitors and secures confidential data. Technologies like document and records management systems, network filtering, and UTM tools can help.

Leave a Reply

Time limit is exhausted. Please reload CAPTCHA.