Problem solve Get help with specific problems with your technologies, process and projects.

I am concerned that a former employee will utilize corporate information in a malicious way.

Scenario: A former employee may still have classified enterprise information that she or he may use to hack the enterprise's system. What steps should be taken to insure the information's security?

I am concerned that a former employee will utilize corporate information that he had access to while employed with us in a malicious way. He has turned over his company laptop and an external hard drive. Is there a way to document what has been done with files, or if files have been copied.
Unless a corporation has implemented a client-side data leak prevention (DLP) product, then there is little that can be done to discern how the files were previously used. The former employee could have copied the files to another device, printed out the records or done all sorts of other things to steal the data. If the organization had detailed logging turned on, then perhaps it could figure out which files were used and when, but lacking that technology, the organization is essentially looking for a needle in a haystack.

In this scenario, an enterprise's options are more passive in nature. If there is something/someone that the organization...

ise specifically worried about, then it needs to keep a sharp eye on the situation. For example, if the employee was working on a large bid or a specific project for a customer and his/her new firm shows up in the bidding for that contract, it can be assumed the employee was using that corporate data to get an edge. In many cases (but not always), this would be against the law. To be clear, it's hard to prove this kind of data theft in a court of law.

Taking the scenario a step further, the enterprise could preemptively sue the employee -- and the new employer -- alleging misappropriation of trade secrets. But again, without any firm or substantiated proof, it's unlikely the case would stand up in court.

More information:

This was last published in May 2008

Dig Deeper on Security Awareness Training and Internal Threats-Information

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.