[BreachExchange] Key Employee Departures and Trade Secret Risk Assessment

Audrey McNeil audrey at riskbasedsecurity.com
Fri Aug 25 15:47:16 EDT 2017


http://www.jdsupra.com/legalnews/key-employee-departures-and-trade-68463/

It’s Friday afternoon and the conversation goes a little like this, “Wait,
what? They’re leaving? Where are they going? Is there any opportunity to
help them reconsider?”

When a key employee departs an organization, it can take a toll on clients
and colleagues, productivity, and morale. What follows is a rush of
activity: current projects are reviewed, transition plans are quickly drawn
up and put in place, and decisions are made about how to replace the
departing employee and how to communicate the departure to the rest of the
firm and clients.

Unfortunately, this can also raise questions of concern for the
organization, such as, “Did they take any electronic documents with them
and, if they did, how can we tell?” Today, employees have easy access to
more information than ever before and even greater opportunity to walk away
with company data. While most don’t, too many make the choice to take
something. Despite best efforts and safeguards, the prevalence of mobile
devices, cloud storage, USB devices, etc. provide several possible avenues
for a misguided employee to take sensitive company data with them when they
depart.

Assessing a single avenue (e.g., USB devices) is not very complicated and
can be very insightful. One of my iDS colleagues, Arnold Garcia, recently
wrote about USB devices and how we can determine the history of their usage
on a computer. This can be a big help in understanding if an employee took
electronic documents upon departing an organization. Along with USB issues,
some other questions to consider are:

- Did the employee have access to any valuable company assets (client
lists, pricing, designs, etc.)?
- Did the employee visit any cloud storage and/or personal email websites
recently and frequently?
- Was there any recent abnormal network or file access?
- What’s the risk to the business?
- What are the recommended next steps (if any) for further investigation?

Assessing the overall risk of data theft across a variety of potential data
sources has historically been time consuming and expensive. The right
experts, like those at iDS, armed with proven methodologies and proprietary
tools, can quickly assess all the available evidence, paint a detailed and
reliable picture of the departed employee’s last days or hours, and
determine the potential risk involved. With this assessment, you can make
an informed, evidence-based decision on how to proceed.

When key employees leave, it can be a difficult time for an organization.
Using a qualified forensic examiner is a must to take some of the guesswork
out of the process and give you good, solid evidence.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170825/0fb8a626/attachment.html>


More information about the BreachExchange mailing list