It’s an unfortunate reality in today’s tough economic climate: While many companies are finding creative ways to retain their workers, others are forced to thin their ranks. And many of the departing employees are leaving with more than just their severance checks: a recent survey of 945 people who were laid off, fired or quit their jobs in the past 12 months revealed that nearly 60 percent admitted to having stolen company data when they departed, and 67% reporting that they used confidential information to help secure a new job.
The study on data risk was conducted by Ponemon Institute, a Tucson based research group which focuses on information, privacy and security management practices in business and government. The survey revealed that e-mail lists were the most common data element taken from an employer (65%), followed by non-financial business information (45%), customer contact lists (39%), employee rcords (35%) and financial information (16%).
Another survey on data theft conducted by Cyber-Ark Software reveals that Information Technology (IT) employees are a particular risk. Its annual survey around “Trust, Security & Passwords” focused on 300 IT security professionals and revealed that 88 percent of IT administrators, if laid off tomorrow, would take valuable and sensitive company information with them. The target information includes the CEO’s passwords, the customer database, R & D plans, financial reports, M & A plans, and most importantly the company’s list of privileged passwords. The company’s press release highlights several areas of “poor housekeeping” that make a company more vulnerable to this exploit. An article by Julia King in Computerworld suggests 5 steps a business can take for protection from angry ex-employees, along with a list of security tips.
While good data security practices are a vital discipline for every company in good times and bad, it’s an area that bears particular attention when layoffs loom. However, all the best security measures in the world will be insufficient if the climate between employees and employers is negative, mistrustful, and toxic. Organizations that maintain a healthy and respectful relationship with their work force can better weather crises than those that do not. Here are a few steps we recommend:
- Develop standards for privacy and confidentiality of company, employee, client and vendor information and records and communicate and promote those standards throughout the organization
- Foster an atmosphere of trust, honesty and respect with employees through open communication
- Promote high standards of ethics, honesty and integrity as an organization – this starts at the top
- Discourage any unethical or borderline use of information obtained about competitors or vendors
- When layoffs are unavoidable, ensure adherence to best practices for terminations and firings.