How to Prevent Employee Data Theft

Sep 30, 2021

Digital Forensics

Sharing is caring

There are many reasons why an employee might choose to steal data. It is often the case where the employee will steal a company’s data in order to sell it, or they might just sell access to the data. Below are a list of ways that you can safeguard your company from data theft.

Make sure that users only have access to the data they need to carry out their role. Restricting access permissions is a crucial part of any data security program as it limits the amount of damage that can be caused by both a rogue employee or external attackers and also makes it easier to identify the cause of the incident.

Block websites that allow online screen recordings as this can be another way for a rogue insider to steal data.

There are a lot of red flags to look out for that could suggest data theft is happening in your company. Below is a list of things that you should look out for.

  • Copying/moving/deleting files at an unusual rate
  • Uploading/downloading files to/from the corporate network at an unusual rate
  • An employee using Private Browsing mode
  • A machine accessing unusual IP addresses or ports
  • An employee sending emails to their personal email accounts

You should deploy the necessary software that gives you real-time visibility into who is accessing your critical data, and when. You should also use an intrusion prevention system that is capable of real-time traffic analysis and packet logging to help you identify any suspicious outbound network traffic, which might suggest that an employee is trying to run off with your database.

Put procedures in place for when an employee leaves your company to prevent any data theft from happening. Below isa list of ways you can prevent data theft form happening when a employee has been fired or when their contract is up with your company.

  • Disable all relevant user accounts and forward the employee’s emails and voicemail to their manager.
  • Terminate VPN and Remote Desktop access for the employee.
  • Change passwords on all shared accounts the user had access to.
  • Remove the user from email group lists, distribution lists, internal phone lists, and websites.
  • Retrieve or disable all company-owned physical assets (laptops, phones, tablets, etc.) assigned to the user, and update the IT inventory.
  • Copy all needed local data from the employee’s computer to the manager’s one.
  • Change any access codes the user knows, such as PINs for accessing secured rooms.

Should you need assistance with Digital Forensics please get in touch with Uphando today


Sharing is caring