What if data is deleted by a retired employee?Is it possible to claim compensation for damages? We also explain how to deal with it and preventive measures.
2023/11/22
[Webinar] What Japanese Companies Should Know About U.S. Investigations and Compliance Expectations Part 2
2023/11/28
As confidential corporate information is increasingly converted into data, the risk of data being taken out by retired employees is also increasing.We will explain how to prevent data exfiltration by retired employees, what actions should be taken in the event of data exfiltration or information leakage, and countermeasures and countermeasures.
Security risks of data removal by retired employees
There are various risks associated with taking out company data by a retired employee.We will explain the background and motivation for data export, and the impact it has on companies.
Background and motivation for data export
There are various backgrounds and situations in which data being taken out by retired employees occurs, but the most problematic case is when an employee takes out data with malicious intent.Possible purposes include illegally buying and selling personal information, obtaining money by passing it on to competitors, or using the information when changing jobs to a competitor.On the other hand, in corporate cultures where there is little awareness of confidential information and operations are not clear, there are cases where data exfiltration becomes commonplace even without malicious intent.
Impact on companies due to data export
If a retired employee takes company data with them and confidential information is leaked, it can lead to various damages.For example, if technology, know-how, or information on business partners important to a company's activities is shared with competitors, there is a risk of a decline in competitiveness and market value.If customers' personal information is leaked, the company's image will be damaged and it will lose social trust.If you violate the Personal Information Protection Act, you will be subject to corrective recommendations, penalties, and criminal penalties from the government, and the consequences will be severe, including imprisonment and fines.In some cases, victims of information leaks may file lawsuits for damages.
Specific example of how to take out data by a retired employee
How do retirees often take data containing confidential information out of the company?I will explain the main examples.
Portable storage media such as USB memory and HDD
Data may be exported using portable storage media such as USB drives or external hard drives.This is a common method because it allows you to easily copy large amounts of data.
Description in e-mail body, attachment to e-mail
How to send from a company email account to a retired employee's personal email account.In addition to writing it directly in the body of the email, there are other ways to easily take out confidential information, such as attaching it to an email.
Copy to cloud service
Another option is to use a cloud storage service to upload the data and take it out so that it can be accessed through the retiree's own personal account.Major cloud services include Google Drive, OneDrive, and Dropbox.
Copy to smartphone, etc.
It is also possible to use devices such as smartphones and tablets.Confidential data is imported as a file on the retiree's personal device and taken out.In order to hide the data, there is also a method of copying the data by converting it into a form such as an image.
How to prevent data exfiltration by retired employees
The following are specific measures to prevent data being taken out by retired employees.
Creating an environment where data cannot be taken out
An effective way to prevent data being taken out by retired employees is to create an environment where data cannot be easily taken out.We will create a system that prevents people from easily entering rooms containing equipment that handles important data, and will also install surveillance cameras and an entry/exit control system.
Set operational rules such as setting access restrictions
It is necessary to decide on a manager who will handle confidential information, and to establish rules such as keeping records when the information is used.Additionally, by setting access restrictions to important information, you can prevent data from being taken out by unauthorized employees.It is also effective to prevent external media such as USB memory from being connected to corporate terminals.
Thorough employee training
We also provide training to make employees aware of the rules for handling confidential information.Raise awareness about how to handle data that is prohibited to take out, how to handle confidential information, and the impact on the company if information is leaked.
Sign a confidentiality agreement
There are many cases where people get away with it by saying, ``I didn't realize that it was confidential information that I shouldn't take out,'' or in fact, there are many cases where people are not aware of it and don't realize it.In order to raise awareness of confidential information, it is a good idea to sign a non-disclosure agreement with all employees, not just retired employees, to maintain company secrets.
Monitor employee emails, record data access history, etc.
It is also important to constantly monitor employee e-mails, such as checking the sending of e-mails with file attachments, and to introduce a system that records the history of who has accessed confidential data.By maintaining a monitoring system on a daily basis, you can expect to have the effect of deterring data being taken out.
How to deal with retired employees who take data with them
We will explain the penalties for retired employees who take out data and the possibility of lawsuits for damages.We will also introduce the research necessary for this purpose.
Data taken out by retired employees will be discovered eventually.
After taking out confidential information, some retirees erase or initialize their PCs to destroy evidence, but it is difficult to conceal these actions.In many cases, it is possible to recover and analyze data and secure evidence of the removal of data by conducting a particularly advanced investigation method called ``digital forensic investigation.'' Conducting appropriate investigations increases the possibility of securing evidence.
Information leaks are subject to disciplinary action
Taking out confidential company information may result in criminal charges.Regarding information leaks, disciplinary action will be taken if it constitutes a breach of confidentiality obligations.There is also a possibility that the company will claim compensation for damages and be charged with theft for data removal.
In order to take disciplinary action or claim compensation for damages, it is necessary to investigate the facts and secure evidence.
If a company suffers enormous damage due to information leakage due to data being taken out, such as losing social trust or being unable to continue business, the employee will be subject to appropriate punishment and, in some cases, a claim for damages. Consider.However, in order to take action, solid evidence and proof of the facts are required."Digital forensic investigation" to recover, preserve, and analyze deleted data is essential.
With FRONTEO's "Retiree PC Maintenance Service", prepare for investigations into information taken out or leaked by retirees.
Even if thorough measures are taken, it is difficult to completely prevent data being taken out.You need to have a system in place to reliably solve problems in case of an emergency.Digital forensic investigations are essential for investigating data exfiltration, information leaks, and securing evidence, but this is not something that an in-house information systems department can handle.
FRONTEO is a pioneer in fraud investigation that has been conducting forensic investigations since the dawn of digital forensics in Japan.We use the latest technology such as proprietary AI to identify, preserve, process, review, and create data for submission.A particularly distinctive plan is the ``Retired Person PC Maintenance Service,'' which anticipates cases in which retirees' data may be taken out.FRONTEO is a service that preserves and manages all data on retirees' PCs and smartphones within FRONTEO, and as soon as information leakage is discovered, we immediately extract the data on the retirees' PCs and smartphones and restore the data that had been preserved. In addition, FRONTEO is a one-stop solution within FRONTEO, from recovering deleted data to preserving evidence.In order to prevent companies from suffering major losses due to data being taken out by former employees, it is important to prepare in advance.It is safe to consult FRONTEO, including how to prepare before a problem occurs.
[Related article] Retirement PC maintenance service
