The shockwave of the COVID-19 epidemic is being felt throughout every industry and sector globally. Specifically when it comes to data safety, this has become a burning issue.
It has been shown that when employees leave their jobs – willingly or through layoffs – a staggering 87% take corporate information with them, leading to an increase in cybersecurity incidents and data leaks.
Data Safety After Employee Termination
Tragically, companies all around the world are being faced with the necessity of layoffs. COVID-19 has been taking a drastic toll on the global economy which is in turn resulting in rising global unemployment.
Airbnb, for example, went from being one of the most successful startups of recent years to announcing massive layoffs, and they are far from the only company to do so.
As companies lay off employees, those employees often take their data access with them. This raises the risk of insider threats and data breaches considerably.
The ZDNet article notes that “exfiltration of sensitive data continues to be the most common insider threat” and notes that around 80% of “flight risk” employees attempt to take proprietary data with them when leaving a company, including abusing admin privileges and forwarding sensitive emails to personal accounts.
Even though having to lay off employees is extremely unfortunate, companies still need to ensure that their data infrastructure is secured. With that in mind, here are some things companies can do to protect their data in this turbulent time.
Steps to Take
- Stay in control – ensure that when an employee takes data with them, even if they’ve left the company, you are able to locate the data breach (even beyond company boundaries) Employees and ex-employees can be very creative, as they know your security product’s weaknesses and how to bypass them. This can be by changing a “0” to an “o”, encrypting the files, or sending them through an unmanaged solution.
- Educate users on the proper handling of company data and make sure to protect your file storages/shares. Just like with a phishing simulator, where you educate your employees about the risks of opening an email that was sent to them, so too, they should not use data that is not necessary to their line of work. Sniffing around in the file storage is not ok, even though they have access to the folder.
- If the employee goes off and takes data with them, make sure you have the capability to obtain hard evidence on the employee in order to:
- Protect the privacy of the rest of the company’s employees
- Ensure that the user is in fact behind the computer
- Automatically calculate the risk level of the user
Your Data Security Teammates
With companies being forced to lay off their workers in record numbers and the related increase in security risk, the data breach threat level increases significantly. It also means that now is certainly not the time a company wants to be dealing with the fallout from a data breach.
This is where ITsMine can add a huge amount of value. With ITsMine, your data is being protected regardless of where it is or what form it takes. Our service, Beyond DLP™, does this by automatically planting thousands of SoftwareMines™ throughout your data, both on-premise and in the cloud. When a SoftwareMine™ gets opened outside of the organization, or by a user without the necessary credentials, the system administrator immediately receives critical forensic information about the breach in real-time.
In securing data from insider threats, even after employees are terminated, ITsMine is your solution to keep your data protected.
To schedule a demo, reach out here.