Employers naively leave door wide open for staff to exit with sensitive data

Check Point Software Technologies Ltd., a worldwide leader in securing the Internet, has announced that research showed almost half of people would take useful information and data with them to their next job.

It is unlikely that anyone would stop them as three quarters of companies, based on the recent survey, have no security in place to prevent information going out the door!  Eighty five percent of employees admitted that they could easily download competitive information and take it with them to their next job, in-spite of 74% of these companies having a policy that specifically states that company personnel are not allowed to take company information out of the office. These findings come out of a survey by Check Point Software into staff and data security carried out amongst 200 senior IT professionals.

UK employees are not quite as trustworthy as their Scandinavian counterparts as the same survey was conducted in the Nordic region and found that although most Nordic employees could download data from their current employer, just 32% would go on to use this information for competitive advantage in their next job. 

Laptops are old hat - USB Sticks on a key ring rule!

Eighty one percent of people take files from work to use at home with the majority dumping their laptops in favour of USB sticks as the preferred method to store data, as its far more convenient, cheap and easy.  Thirty three percent store work data on their USB stick, versus 14% who now use a laptop.

The huge demand for people to use USB sticks creates a real security headache for most companies as its difficult to keep tabs on them because they are so small and go unnoticed.  They are also far easier to lose in transit making them a likely target for opportunists who may find them very valuable assets to trade with competitors or use to blackmail the company into keeping quiet about the fact that they lost valuable or sensitive information without protecting it.

Martin Allen a Spokesman for Check Point said USB sticks are now more popular than ever, with everyone from children up to the CEO now travelling around with data on their USB sticks.  Many can now carry 16 gigabytes around with them in their pockets which compares with 640 reams of paper in your pocket. At this estimation its not surprising they can become a serious security risk.  Companies spend millions on their security and just forget about the fact that millions of pounds worth of valuable data is going walk about on peoples key rings and a great deal are very happy to download information to take with them to their next job.  Without being too draconian our advice is to lock down computers with vital information and make sure you centrally control USB sticks by supplying them to your staff with mandatory encryption in place.  That way they can freely use them keeping the data safe at all times.

Check Point has some simple advice to offer companies on how to go about rolling out a mobile security policy to secure vital company data:

  1. Educate your staff so that they are aware of the security and legal implications of downloading sensitive or competitive information.
  2. Include the management of all mobile devices in your security policy. 
  3. Specify that all staff members have to sign your security policy, to ensure that they will not download sensitive or competitive information, nor will they use this information to take to their next job and make sure you have the appropriate software to enforce the policy in place.
  4. If you have sensitive information you do not want downloaded, then block end-points on computers with efficient and cost effective software.
  5. Ensure that all USB sticks that are connected are encrypted.
  6. Use encryption software that does not impair the use of the device and make sure that employees cannot by-pass the encryption it therefore needs to be transparent to the user, quick and easy to use. 
  7. Remember security is a two way process you need to have your staff on your side, so complement sensible, workable policies, with centrally controlled security technology combined with trust, education and understanding.

About Check Point

Check Point Software Technologies Ltd  is a leader in securing the Internet. The company is a market leader in the worldwide enterprise firewall, personal firewall, data security and VPN markets.  Check Points PURE focus is on IT security with its extensive portfolio of network security, data security and security management solutions. Through its NGX platform, Check Point delivers a unified security architecture for a broad range of security solutions to protect business communications and resources for corporate networks and applications, remote employees, branch offices and partner extranets. The company also offers market leading data security solutions through the Pointsec product line, protecting and encrypting sensitive corporate information stored on PCs and other mobile computing devices. Check Point's award-winning ZoneAlarm Internet Security Suite and additional consumer security solutions protect millions of consumer PCs from hackers, spyware and data theft. Extending the power of the Check Point solution is its Open Platform for Security (OPSEC), the industry's framework and alliance for integration and interoperability with "best-of-breed" solutions from hundreds of leading companies. Check Point solutions are sold, integrated and serviced by a network of Check Point partners around the world and its customers include 100 percent of Fortune 100 companies and tens of thousands of businesses and organizations of all sizes.

Comments (0)

Add a Comment

This thread has been closed from taking new comments.

Editorial: +44 (0)1892 536363
Publisher: +44 (0)208 440 0372
Subscribe FREE to the weekly E-newsletter