
Texas Medical Group Blog


Cyber Liability: Preventing Data Theft by Departing Employees

When employees leave a company, the risk of data theft, also known as data leakage or exfiltration, increases. This risk is present whether an employee’s departure is voluntary or not.

The consequences of data theft from insiders can be severe, as an organization’s most valued data assets and secrets are vulnerable. Data leakage events can impact a company’s financials through lost business and intellectual property, and they can also lead to reputational damage, litigation and regulatory fines.

Departing employees may have various motives for stealing sensitive corporate data, and it is crucial to be aware of and look for warning signs that an insider may engage in this impropriety. This article offers more information on warning signs and provides actions businesses can take to help prevent these occurrences.

Reasons Sensitive Data May Be Stolen

There are several reasons departing employees may take corporate data. While some may have malicious intent, other incidents may be the result of accidents or misunderstandings. The following are common reasons a departing employee may take corporate data:

  • To obtain a new job or compete with a former employer—A company’s trade secrets or intellectual property can be valuable to a competitor. A departing employee may leverage this data to obtain a new job or gain an advantage in a new position by using it to compete with their former employer.
  • For personal financial gain—A former employee may be able to sell data they take, or they may be able to use it to jumpstart their own business venture.
  • To seek revenge—Departing employees may be disgruntled or frustrated about the circumstances of their transition. This may lead to malicious destruction of data to sabotage or disrupt their previous company’s operations.
  • By accident—Data exfiltration may not always be the result of malevolent actors. Departing employees may incorrectly believe the data was theirs, or they may accidentally retain it by failing to sufficiently wipe the devices they used for business purposes.

Data Theft Warning Signs

Companies can work to prevent data theft by proactively monitoring warning signs. Indicators that an employee may compromise sensitive information include actions such as:

  • Engaging in suspicious online activity, including using incognito browsers, having multiple webmail accounts, researching how to bypass security and using personal file sharing platforms
  • Using unauthorized personal devices for business activities
  • Accessing business data at unconventional times or repeatedly
  • Downloading or transferring an inordinate amount of data
  • Requesting to gain access to information that is outside the scope of their job description
  • Recording or taking screenshots of company meetings
  • Acting out of character or in a way that is against company policies
  • Trying to trick or pressure coworkers into gaining access to their data

Prevention Tips

Organizations can implement the following strategies to reduce the risk of departing employee data theft: 

  • Be proactive. Look for warning signs to stop data theft before it happens.
  • Establish clear policies and procedures. Policies should state the delineation between personal and business use of data, devices, networks and other technology. They should also contain procedures on how this information will be disseminated to new, existing and departing employees.
  • Assign ownership of insider threat risk. Designate someone within the organization to be responsible for updating the data theft prevention program, conducting employee trainings and maintaining a data theft incident response plan.
  • Have a zero-trust mindset when employees leave. Assume a departing employee will retain some access to sensitive information after they leave. Utilize tools that create a full audit trail should an issue arise.
  • Acknowledge that no system will be completely effective in stopping all data theft. No matter how advanced, technological data loss prevention systems are not capable of preventing all instances of data exfiltration. Continually update your policies and regularly test your procedures.
  • Encourage cross-collaboration between business units (e.g., human resources and information technology). This can be particularly useful during offboarding to ensure equipment is returned in a timely manner and departing employee access to data is restricted when necessary.

Data theft from departing employees presents a significant exposure, and companies must be aware of warning signs and techniques to mitigate its associated risks. For more risk management guidance, contact us today.


This Cyber Risks & Liabilities document is not intended to be exhaustive nor should any discussion or opinions be construed as legal advice. Readers should contact legal counsel or an insurance professional for appropriate advice. ©2023 Zywave, Inc. All rights reserved.

