Den of thieves

Feb 16 2004 by Brian Amble Print This Article

Itís not just office stationery that is going missing form the UKís workplaces. Almost seven out of ten employees admit that they have stolen important information from their employers, a task made all too easy, it seems, by email and other office technologies.

Customer contacts, email address books, proposals and presentations are among the types of business-critical data that gets pilfered, with office email being one of the most common ways to get it out of the building.

And according to computer forensics and data recovery firm Ibas, who carried out research into information theft, most of those who purloin data do so when they are leaving an employer to take up a new job elsewhere.

"The surprising thing is the level to which people believe this is acceptable," said Ibasí Chris Watson.

More than seven out of ten of those surveyed said that they had no ethical problems stealing information to help them in a new job. Six out of ten people felt that, in moral terms, it ranked with exaggerating insurance claims. Eight out of ten felt that the work they had put in to create the data justified their behaviour.

"Many believe that they are entitled to take information with them because they had helped win customers and create databases of sales leads," Watson explained.

"They have invested a lot of time putting it together and that's why they feel they have ownership of it," he said.

"The classic case is in sales environments where the contacts database is taken from one company to another even if it is not relevant to that business," he said.

One in three departing employees took a contacts database with them when they left a job, the research found.

Women were 20 per cent more likely than men to think that leaving with company information was acceptable, but men were 28 per cent more likely to make off with the goods.

"When people used to leave a company they would take a few pencils with them," he said, "but the computer age is taking it on to a new level," Watson said.

Many of those stealing from their employers send the purloined data to their personal email address. But one in five were more crafty. Not wanting to leave an email trail, they burned the information onto a CD.

So what can paranoid employers do to keep their IP under lock and key? Chris Watson reckons that having clear policies to remind employees about IP issues will help, plus putting filtering software on email servers.