When Employees Leave: Best Practices for Preventing Data Theft

With more than two-thirds of organizations experiencing data theft when employees depart, you need to protect your organization against insider threats. Find out how, here.
With more than two-thirds of organizations experiencing data theft when employees depart, you need to protect your organization against insider threats. Find out how, here.

By Chuck Burbank, CIO, FairWarning, Inc.

Empowering your employees to do their best work means providing them access to physical and digital assets in the company network that can help them scale their initiatives.

But when an employee leaves, it’s the organization’s job to ensure they’ve rolled back access to this company property.

This includes office supplies, mobile devices and ID badges.

But in the digital age of insider threats, it also needs to include your data.

Many organizations today rely on cloud-based technologies as the hub of their business operations.

Solutions such as Salesforce started off as a CRM but have grown to manage the workflow and data of an entire organization.

As a result, employees have access to a bevy of sensitive data such as detailed customer, prospect, ordering systems and financial information.

(Learn how to protect your data in cloud based applications such as Salesforce. Courtesy of FairWarning, Inc. and YouTube. Posted on Aug 9, 2016)

Employees may not intend to take data out the door in certain incidents, but some former employees are looking to gain a competitive advantage in their future endeavors.

A white paper from Osterman Research revealed that 69 percent of organizations polled cited data loss when an employee leaves their organization.

So then, the threat is real, and the consequences can be serious.

Protecting your organization’s data is critical, and it takes a multi-layered approach.

Here are six ways to proactively secure it.

1)  Get a bird’s-eye view of your data in the cloud

Today’s complex network environment creates an expansive workflow. Your data is probably not contained within a few secure systems.

Conduct a comprehensive risk assessment to understand where you need to focus your security strategies.

Knowing where your data is located and who has access to it will give you a foundation to build upon with other security tools and data protection strategies.

Below are some questions to answer:

  • Who has access to what data?
  • Who has controls over database access?
  • What regulations/laws do I need to comply with?
  • Is my data secure in transit?
  • Is my data secure when it’s not in use?
  • What sensitive data does my organization store, use and transmit?

2) Monitor your cloud applications

After you have found where your most sensitive data resides, monitor who is accessing it and what they are doing with it.

With the growth of cloud-based apps such as Salesforce, company data is oftentimes easily accessible within the application.

Defending against insider threats requires monitoring user activity and using behavior analytics that provide insights into where, when and what insiders are doing.

Gaining insights into your business-critical applications allows your security team to be proactive in detecting, investigating, mitigating and remediating security incidents.

Monitoring technology will provide your organization with the ability to trust your employees but verify that they are not violating your acceptable use policies and putting your organization at risk.

So then, say that an employee on the brink of departure is exporting large amounts of company data from Salesforce.

Your security team can isolate the incident and prevent data loss or even a full-blown breach.

3) Create clear policies

Make your data security policy as clear and as detailed as possible, and make sure your employees know it front to back.

This will help keep employees accountable for securing your sensitive information.

Below are a few essential topics to cover:

Data privacy 

  • Train your employees on the laws they must comply with when handling your organization’s or customer’s data, i.e. HIPAA, FINRA and GDPR.

Email safety 

  • Make sure your employees are trained on all the latest social engineering tactics so they don’t fall for them.
  • The majority of cyber-attacks originate from insider threats accessing a malicious email.

Mobile devices 

  • You will reduce risk by creating a mobile device policy that requires employees to observe password protection and secure usage.

Strong passwords

  • Maintaining strong password protection to your internal systems will help prevent breaches.
  • Of confirmed data breaches, 63 percent involve using weak, default or stolen passwords.

4) Remove access

Cut off physical access to your network the minute an employee departs.

Multi-layer authentication, requiring both a password and a physical token, to gain access to technology and organization perimeters provides an extra layer of physical security.

5) Establish sanctions

Make sure employees know that you have a clearly defined sanctioning policy.

Specific penalties should be defined for those who violate your Acceptable Use Policy.

Tell employees that their activity is being recorded through monitoring technology and that they are held accountable for any misuse of the organization’s resources.

6) Create a security culture

Employees can represent the chink in your armor, but they can also represent your greatest defensive asset.

Implementing a culture of security and accountability will help secure your organization.

Training on your acceptable use policies, monitoring technology, current cyber threats and sanctioning will aid in defining a strong culture of security.

(Cloud security doesn’t have to be a science project. Learn More about FairWarning for Salesforce, a purpose-built to monitor and protect Salesforce and other cloud applications like Office 365 and Drop Box against data theft. Courtesy of FairWarning, Inc. and YouTube. Posted on Oct 26, 2015)

Protecting What’s Yours

With more than two-thirds of organizations experiencing data theft when employees depart, you need to protect your organization against insider threats.

One of the most effective things you can do is monitor employee access to and activity within your network.

This way, you will be able to quickly spot and stop suspicious behavior.

Create a data security policy and make sure your employees know and adhere to it.

These steps encourage a strong security culture that partners technology with people to keep your data where it belongs.

About the author

Chuck Burbank is the CIO and Chief Information Security Officer of FairWarning.

Chuck Burbank, CIO, FairWarning, Inc
Chuck Burbank, CIO, FairWarning, Inc.

He has overall responsibilities for developing and executing strategic security initiatives across the organization.

Chuck joined FairWarning in 2012 after being a customer for many years and works closely with the management team to strengthen overall security and risk management.

FairWarning® solutions protect organizations of all sizes against data theft and misuse through real-time and continuous user activity monitoring and improve compliance effectiveness with complex federal and state privacy laws such as HIPAA, FFIEC, PCI, FINRA, SOX, FISMA and EU Data Protection Act.

FairWarning® catches people stealing your data. To Learn More, visit http://www.FairWarning.com or Solutions@FairWarning.com.