
Network World

Richard Stiennon

Ten best practices for avoiding data loss during layoffs

By stiennon on Mon, 11/17/08 - 11:54pm.

Reposted from ThreatChaos.com

 

 

An economic downturn is one of the most difficult times to protect data. Layoffs create disgruntled employees and provide them with motivation as they face the prospect of losing their income. This afternoon I am presenting a webinar (register here) on how to protect your organization’s data during these tumultuous times.

Citigroup announced 53,000 layoffs yesterday, mirroring numerous layoffs on Wall Street and Main Street. Unemployment is at levels not seen since 1994. When an organization is already experiencing high financial stress, the last thing you want is a major data breach. Just as Countrywide was experiencing its troubles this past summer, it came to light that one Rene Rebollo, working in Countrywide’s subprime mortgage arm, was systematically downloading spreadsheets of data to a USB thumb drive and selling the records of mortgage applicants for what eventually amounted to $50K. He stole and distributed over two million identities. Don’t let your company experience the kind of trouble that Countrywide went through in the subsequent disclosure process.

Here are Ten Best Practices for Data Protection During a Downturn. My starting point was the excellent Common Sense Guide to Prevention and Detection of Insider Threats published by Carnegie Mellon’s CyLab.
1. Restate and re-publish your organization’s policy on confidential information. Require everyone in the company to sign it.
2. Have a strict policy regarding the usage of data storage devices, including thumb drives, iPods, and USB hard drives.
3. Establish strict policies that allow, restrict or block data transfers to removable media.
4. Identify and restrict access to key data such as employee records, resumes, customer lists, and financial statements.
5. Track employee access to data and retain copies of transferred files.
6. Log, monitor and audit employee online actions.
7. Use extra caution with system admins and privileged users.
8. Deactivate all accounts and network access of terminated employees.
9. Confiscate laptops, Blackberrys (all corporate phones) and storage devices of terminated employees.
10. Document insider threat controls.

 

 

About Stiennon onSecurity

Richard Stiennon is a security industry analyst. He is currently consulting, speaking and writing on all manner of security topics for IT-Harvest, the IT research firm he founded to cover the security space. He was most recently chief marketing officer for Fortinet. He has served stints at PricewaterhouseCoopers, Gartner, and Webroot Software.