How To Deal With Employees Before They Leave With Your Data

Scenario: An Employee Quits And Walks Out With Your Customer List

Joseph has been employed at an insurance agency for the last several years. In that time he has been one of the top sales personnel at the company. As time has gone by, Joseph feels he has been ignored for a promotion to Sales Manager and has decided to leave the company.

Just like any other organization that has a sales team, Joseph has access to the CRM (i.e. Salesforce, Zoho, etc.) which in turn granted him the ability to download all of the contacts he had been working with to an excel workbook. In fact, his permissions allowed him to download everyone that was a part of the sales team’s contacts too. Joseph knew all too well that if he wanted to make more money, he needs to bring along the contacts from his current role to his next place of employment (it could be a competitor across the street) and he would be set.

Joseph decided that before he gives notice, he downloaded the entire list of customers, names, emails, phone numbers, physical addresses, and what kind of policy they held and how much they were paying. He had thousands of data points to share with his new employer.

Joseph has secured his next position at the competing company and has the customer list exported, then and only then he decides to give notice. The current employer accepts and wishes Joseph the best, not knowing or thinking that any employee he/she ever hired would consider stealing something that his/her company has worked so hard for.

How would you know if someone is about to do this?

Disgruntled employees do not make it a point to let their employer (and often their co-workers) know they are unhappy with workplace conditions, so expecting someone to know they were planning on leaving with a customer list would be even more challenging to find out about.

Simply put, there is nothing that you can do to prevent this from happening unless you have endpoint monitoring software deployed across all computers in your network. Human Resource Departments typically have policies in place that will protect against an employee taking the company confidential information (like a customer list), but the disconnect is – just because you have a policy to protect you legally, it does not mean that you are able to obtain proof the customer list was taken. Unless you have already taken proper precautions with respect to deploying employee monitoring software.

InterGuard Protects Companies from Insider Threats (and rogue employees)

As the pioneer for Unified Insider Threat Prevention, Awareness Technologies’ SaaS-based service is easily available and affordable for businesses of any size.

Architected at the endpoint, clients can access 4 technologies including Employee Monitoring, DLP (Data Loss Prevention), Web Filtering, and Laptop Recovery, through one agent download and one control console. In addition to running seamlessly in a local OS environment, Awareness Technologies’ products are also Citrix and VMware ready.

Our solutions allow businesses insight and provide details regarding employee activities on and off the network to make certain they are staying in alignment with the guidelines of company policies and procedures in a comprehensive, yet easy to manage cloud based environment.

What does InterGuard Record?

• File Transfers (you will know exactly what files employees are sending and receiving)
• Email (Sent and Received)
• Chat and Instant Messages (Incoming and Outgoing)
• USB Activity
• Internet Usage
• Social Media
• Windows Logon Events
• Document Tracking
• Screenshot Recording
• and Much More…

Record Data from All Endpoints

This is the starting point, not the end. Many times Employers use computer monitoring software because they suspect that an employee may be violating company policies or not as productive as they would expect. There is nothing wrong with spot checking employee activities, but when you only monitor one person at a time, you are leaving yourself open to data theft that might occur from other employees that are not on your radar…(look at the example of Joseph and you will see our point).

When you deploy computer monitoring software to all of the machines that your employees have been provided (regardless if they are in the office or remote employees), you will be able to catalog of all computer activity within your entire organization. I would imagine that the majority of the recorded emails, chats, keystrokes, file transfers, and so on from employees for the most part would be within company policies, but it only takes one instance of someone taking a customer list and you will have the digital proof to take appropriate action.

We strongly suggest that you record data from all endpoints to ensure that you have all computers monitored so you do not need to react to a data breach. By not monitoring all computers places your organization at a significant disadvantage and it is almost the equivalent of sticking your head in the sand hoping for the best.

User Behavior Analytics Is Perfect To Warn You about This Kind of Activity

User Behavior Analytics (UBA) is a process that is designed to detect insider threats, such as someone taking a customer list. The method in which UBA works is usually by creating a baseline average (of a group of peers) of specific computer activity and when a specific user deviates from the baseline, a notification or alert system would go in to action warning you that an insider threat may be eminent or is occurring.

By using the example provided in the scenario, one could create a UBA report that says the normal amount of excel files sent on a daily basis by the Insurance Agency per employee is 0 and any time an employee sends a excel file via email one or more times via email. After the rule has been created, you can run reports regularly to keep track of that kind of behavior and you can also create smart notifications that alert you when this kind of deviation from the norm occurs.

Keyword Alerts Provide More Insight To Anomalous Employee Activity

Much like UBA reporting detects insider threats, Keyword Alert Notifications also provide you with the information needed to identify a data breach that would occur from an internal source (like an employee). It works by adding keywords that you define and then whenever someone were to have that keyword in an email, chat, webpage, excel file, etc., you will get a email notification that event occurred with full details.

Insider threats can occur and there is no magic “cure all” out there that will stop it 100% of the time, but with a cybersecurity plan coupled with employee monitoring software like InterGuard, you can greatly diminish the footprint of someone like Joseph taking what you (and your company) works tirelessly to attain.

Suggested Articles

• How to Eliminate Employee Data Theft
• 7 Simple Steps To Find Out If An Employee is Stealing Confidential Data
• Put Automaton To Work for You To Monitor User Activity
• 3 Employee Behaviors Linked To Insider Threats
• Not Enough Being Done to Prevent Internal Threats