    How to Secure Sensitive Data Before a Layoff Occurs

    By Gregory Shapiro, June 2, 2009

      Unlike individual employee terminations, which are customarily unannounced and immediate, layoffs present a larger threat to corporations because they leave the door open to both intentional and unintentional data loss, leakage and integrity problems. When employees sense impending layoffs, or are told in advance and kept on for a limited time to transition, rumors and panic set in. It’s then that the company’s sensitive data can be compromised.

      For this reason, the strategy for any corporation planning a layoff should include setting policies and making sure practices are in place to secure its sensitive data now.

      Steps to protect company data before a layoff is implemented

      Step No. 1: Create a set of policies

      Create a set of policies outlining acceptable use, data responsibility and data retention that is shared with and understood by all employees. If you already have these in place, now is the perfect time to revisit and refresh them.

      Step No. 2: Implement a standard procedure for employee termination

      Implement a standard procedure for employee termination, which includes when and how an employee’s network access is terminated, how equipment and data (both hard copy and electronic) are collected, and how access privileges are assigned for any transitional period.

      Step No. 3: Maintain an up-to-date audit of your company’s data

      Maintain an up-to-date audit of where your company’s data is stored, who has access to that data, who can administer permissions or configurations on servers, and how data is backed up. If possible, use software tools or policy-enforced procedures that provide an audit log of data access and modification.

      Most document management systems can provide a log of both file retrieval and per-user changes. Knowing what content and access permissions each employee is granted greatly impacts your ability to secure and collect that information when the time comes.

      Step No. 4: Restrict access to information and administrative control

      Restrict access to information and administrative control as much as possible, but not to the point of impacting employees’ ability to get their job done. While it may be convenient for employees to be able to log in to servers, it may not be necessary.

      For example, a software engineering group doesn’t need shell access to the source code control repository server; rather, they can simply use tools to check out code and check in changes (thereby maintaining an audit log). In the event that access to the backend files is needed (such as for searches over the entire repository), consider using other means such as a read-only file system export. Restricting access limits the amount of disclosure and damage that can be done by a disgruntled or exiting employee.

      Step No. 5: Employ some form of endpoint protection

      If necessary, employ some form of endpoint protection for employee computers and mobile devices. There are varying levels of endpoint protection available, from the ability to turn a fully functional laptop into little more than a dumb terminal, to the ability to perform a remote data erase if a device is lost. This is another area where a balance must be struck between security and convenience. These technologies can help ensure your ability to collect and audit the locations where data has been stored and copied.

      Step No. 6: Identify and protect important electronic documents

      Identify and protect important electronic documents for tracking, data integrity and disclosure. Depending on the sensitivity of the documents, the technologies that come into play include watermarking, digital rights management (DRM), document fingerprinting, digital signatures and encryption. These can help track the source of leaked information, prevent accidental leakage of (or intentional damage to) data, and protect the contents of a document if storage media or a portable device is lost or stolen. Depending on the sophistication of the technology used, it may also help render any data held by a departing employee useless.

      Step No. 7: Prevent electronic messaging data leakage

      A good starting point for securing sensitive corporate data is to protect against data leakage via messaging (e-mail, Web mail, instant messaging, etc.). Routing e-mail through an intelligent message processor can help to actively protect sensitive data. Using a single message processor platform with a set of applications (instead of individual point solutions) can provide easy-to-manage, coordinated policies for the following:

      1. Content analysis for identifying and stopping sensitive information from leaving your company. This can include document decomposition for decoding proprietary document formats, descending into compressed or container files, document fingerprint matching for identifying whole or partial files, etc. This is useful in preventing the spread of rumors of impending layoffs, distribution of sensitive documents for employee “backup” purposes, theft of intellectual property by an exiting employee and other similar activities.

      2. Directory-driven corporate governance policy enforcement for limiting distribution of information in accordance with policies and information audits.

      3. Message tracking to gain insight into sender, recipients and content of flagged materials for audit purposes.

      4. Policy-based encryption to protect outbound, sensitive materials using any of the policy methods described earlier to safeguard data in transit.
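
The content analysis in item 1, as an added example that is not from the article or from any vendor's product: it descends into zip containers and matches word-shingle fingerprints, so a partial copy of a protected document is flagged even when it is buried in nested archives. The shingle size, threshold, depth limit, function names and sample text are all assumptions made for illustration.

```python
import hashlib
import io
import zipfile

SHINGLE_WORDS = 5   # words per fingerprint shingle (assumed value)
THRESHOLD = 0.30    # share of a protected document that must match (assumed value)
MAX_DEPTH = 3       # container nesting levels inspected before giving up (assumed value)

def shingles(text):
    """Hash each run of SHINGLE_WORDS consecutive normalised words."""
    w = "".join(c.lower() if c.isalnum() else " " for c in text).split()
    return {hashlib.sha256(" ".join(w[i:i + SHINGLE_WORDS]).encode()).hexdigest()
            for i in range(max(len(w) - SHINGLE_WORDS + 1, 1 if w else 0))}

def extract_texts(name, data, depth=0):  # yields (path, text); text is None past MAX_DEPTH
    if not zipfile.is_zipfile(io.BytesIO(data)):
        yield name, data.decode("utf-8", errors="replace")
    elif depth >= MAX_DEPTH:
        yield name, None
    else:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for member in zf.namelist():
                yield from extract_texts(f"{name}!{member}", zf.read(member), depth + 1)

def scan_message(attachments, protected):
    """Return (path, doc_id, score) findings; doc_id None means the part was not inspected."""
    findings = []
    for name, data in attachments:
        for path, text in extract_texts(name, data):
            if text is None:
                findings.append((path, None, None))
            found = shingles(text or "")
            for doc_id, prints in protected.items():
                score = len(prints & found) / len(prints)
                if score >= THRESHOLD:
                    findings.append((path, doc_id, round(score, 2)))
    return findings

def make_zip(member, payload):  # sample helper: one-member in-memory zip
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member, payload)
    return buf.getvalue()

# Constructed sample data, not taken from any real document.
PLAN = ("Restructuring plan: the eastern engineering office will be reduced by forty positions "
        "at the end of the third quarter and staff are told two weeks prior")
MEMO = b"fyi: the eastern engineering office will be reduced by forty positions at the end"
ARCHIVE = make_zip("notes/inner.zip", make_zip("memo.txt", MEMO))
```

Calling `scan_message([("backup.zip", ARCHIVE)], {"restructuring-plan": shingles(PLAN)})` reports the memo inside the nested archive. A part nested deeper than `MAX_DEPTH` is returned with a `None` document id so that policy can hold it rather than pass it uninspected.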

      Even if your company is not facing a round of layoffs, these best practices can be used to help protect and manage your organization’s sensitive data. While no technology is completely foolproof against employee data leakage, most violations are caused by employees who either inadvertently or unknowingly send sensitive information.

      Don’t be discouraged by the amount of work required to implement all of these suggestions. There is no better time to develop a plan to address your current data protection weaknesses. Start implementing the practices just outlined by creating policies and procedures, and identifying and protecting your most likely avenue for data loss, leakage and corruption.

      Gregory Shapiro is Vice President and Chief Technology Officer at Sendmail. In his tenure at Sendmail, Gregory has held prominent roles in the engineering, IT and business development departments. After four years of leading Sendmail’s products in production, Gregory returned to improving those solutions, first in the business development group researching and evaluating partner products and most recently as the engineering group’s chief architect.

      Prior to Sendmail, Gregory began his professional career as a systems administrator for Worcester Polytechnic Institute (WPI) after graduating from WPI with a degree in Computer Science in 1992. Gregory is a FreeBSD committer, has served as program committee member for BSDCon 2002 and program chairman for BSDCon 2003. In addition, he has contributed to the past three editions of the O’Reilly Sendmail book. He can be reached at [email protected].
