Do You Fear Digital Larceny In Your Office?

Nearly all businesses today operate in a digital environment — in fact, it’s almost impossible to run a business without computers and the Internet. Consequently, business owners and managers cannot afford to underestimate the potential for computer crime and misuse.
By: Carole Longendyke
January 4, 2006

 

Most corporate security measures today address the potential for hackers’ compromising firewalls or cracking access codes, but an even greater threat walks right through the front door every business day.  Employee misuse and abuse of company computers and resources, such as excessive Web surfing and using personal e-mail accounts on company time, is counterproductive at best, but intellectual property theft — in which client lists, business plans, product designs and contract proposals end up in the wrong hands — can significantly alter the playing field for even the most successful company.



There are a few simple steps you can take to help protect your company against employee computer misuse and theft of confidential or proprietary data and prevent liability in a potential lawsuit:













RX FOR COMPUTER SECURITY



Require password log-ons for ALL employees.



Develop and enforce specific policies regarding computer use (Web surfing, personal e-mailing, etc).



Convert all removable media drives to “read only” access.



If computer crime is suspected, contact a data forensics firm immediately. Preservation is critical, whether or not a full-blown investigation ensues. If an investigation does become necessary, the firm can assist in determining the best target approach to maximize responsive data and minimize cost.


1. Restrict access to confidential and proprietary information on the company network to necessary personnel only.



2. Require password log-in for all company computers to ensure controlled access to company files and networks.



3. If Internet use is not necessary for most employees in your business, designate a specific computer as the “online” computer where employees can access the Internet when necessary. This computer should not be connected to the company network.



4. Develop and enforce policies regarding personal use of company computers, such as Web surfing, use of personal email accounts and the transmission of potentially offensive material via the company networks and/or e-mail systems. Have (and communicate!) a clear policy regarding these activities. Software utilities exist that can allow an employer to monitor computer activities as well as place blocks on particular websites.



Resources
 
Author Information: Carole Longendyke is a partner and director of forensics at PG Lewis & Associates (www.pglewis.com), a data forensics firm in Whitehouse Station, N.J. She can be reached via e-mail at clongendyke@pglewis.com.
 
 
Email Newsletter icon, E-mail Newsletter icon, Email List icon, E-mail List icon Sign up for our Email Newsletter