Company secrets are walking out the door

Jun 14 2007 by Nic Paton Print This Article

Almost half of us would have no qualms about downloading sensitive company information to take with them us to our new job - and most employers would do little or nothing to try and stop it.

Research carried out in Europe by software firm Check Point Software Technologies has found that widespread access to technology such as memory sticks has made it extremely easy for employees to download competitive or commercially sensitive information.

Almost half of workers would happily use their notice period to download useful information and data to take with them to their next job, it reported.

Their lack of concern could be in part down to the fact that it is extremely unlikely anyone will try to stop them, as three quarters of companies had no security in place to prevent information going out the door, said Check Point.

More than eight out of 10 employees admitted they could easily download competitive information and take it with them, in-spite of three quarters of these companies having a policy that specifically stated company personnel were not allowed to take company information out of the office.

British employees were generally less trustworthy than their counterparts in Scandinavia, the study found.

Although most Nordic employees could download data from their current employer, just under a third would go on to use this information for competitive advantage in their next job, the survey found.

Eight out of 10 workers in the poll admitted to taking files from work to use at home, with most (33 per cent) favouring USB sticks as the preferred method to store data, rather than bulky laptops (14 per cent).

But this huge demand for USB sticks created a real security headache for most companies, as it is so difficult to keep tabs on them because they are small and go unnoticed, said Check Point.

"USB sticks are now more popular than ever, with everyone from children up to the CEO travelling around with data on their USB sticks, "said Check Point's Martin Allen.

"Companies spend millions on their security and just forget about the fact that millions of pounds worth of valuable data is 'going walkabout' on people's key rings and a great deal are very happy to download information to take with them to their next job.

"Without being too draconian our advice is to lock down computers with vital information and make sure you centrally control USB sticks by supplying them to your staff with mandatory encryption in place. That way they can freely use them keeping the data safe at all times," he advised.

Employers need to do more to educate their staff so that they were aware of the security and legal implications of downloading sensitive or competitive information, he added.

It was also a good idea to specify that all staff members sign a security policy stating they will not download sensitive or competitive information or take information to take to their next job.

But ultimately, Allen said, security is a two-way process. Security technology is one side of the coin, but organisations also need to demonstrate and build trust in their workforce.