How to prevent information leakage by retirees? Introducing the risk of information leakage and case studies of investigations.

In recent years, there have been a number of reports of information leaks in which a company's technical or sales information is illegally taken out of the company, and strengthening the protection of information has become an issue. One of the main reasons for information leaks is that they are caused by retirees. This article explains the risks posed by information leaks by retirees and measures to prevent them, and also provides examples of actual information leaks and their investigations.

The largest number of cases of information leaks in companies are caused by "mid-career retirees

According to a report by the Information-technology Promotion Agency, Japan (IPA), which investigated the occurrence of trade secret leaks in domestic companies in 2020, the most common cause of information leaks was "mid-career leavers," accounting for 36.3% of the total survey, up from 28.6% in 2016. All companies need to prepare for information leaks caused by mid-career leavers on a daily basis and consider how to countermeasure and deal with such leaks.

Reference: "Survey on Actual Conditions Concerning Trade Secret Management in Companies 2020" Report
https://www.ipa.go.jp/archive/security/reports/2020/ts-kanri.html

Risks posed to companies by information leaks by retirees

Leakage of information by retirees can cause significant damage. This section describes specific impacts and risks.

Risk of claims for damages from individuals or other companies

Information leaks by retirees also carry the risk of claims for damages from individuals or companies against the company from which the information was leaked. If a retiree takes personal information of customers or employees and misuses it, the individual victim may be inconvenienced or damaged and may file a claim for compensation to the company.

If the leaked information was important corporate information of a business partner, the claim for damages could be substantial, depending on the nature of the information.

Risk of loss of competitiveness due to leakage of know-how and trade secrets

Damages are also incalculable if a company's important trade secrets, rather than those of its customers or business partners, are leaked. Leakage of the company's proprietary know-how may also lead to a decline in competitiveness.

Risk of slander and reputational damage

Even if no financial damage is incurred, damage can still be incurred. The company's ability to manage information as a company will be questioned, and the company's credibility will fall to the ground. There is also the risk of being exposed to slander and reputational damage.

Risk of receiving a recommendation or order for correction or criminal penalties from the government

According to the Personal Information Protection Law, if personal information is leaked, the company will be subject to on-site inspections and corrective recommendations and orders from the government in addition to compensation for damages. Violations may result in imprisonment or fines, and businesses that handle personal information must be more careful.

Measures against information leakage by retirees

To avoid the worst-case scenario, countermeasures against information leaks by retirees should be a top priority. Effective measures include limiting access to and removal of information to reduce risk, using security cameras and entry/exit records as deterrents, and raising employee awareness through in-house training and written pledges.

Limit access to and removal of confidential information

Restricting who has access to important information can reduce the risk of information leaks. It will also make it easier to identify the person who took the data out of the company, which will help in dealing with the situation after an information leak has occurred.

Install security cameras and record entry and exit from the office.

Even in situations where data cannot be accessed or physically taken out of the room, it is possible to commit crimes such as photographing PC screens or important documents. It is also effective to strengthen access restrictions to secure areas and take measures to keep people away from important information. If security cameras can be installed to monitor office entry and exit status along with IC card information, this will not only help identify the culprit in the event of an information leak, but also serve as a deterrent.

Raise awareness through in-house training and confidentiality pledges.

Define the penalties for information leaks in internal regulations and make them widely known through internal training programs. It is also effective to have all employees sign a confidentiality pledge. It is a deterrent to make employees aware that they will be liable for substantial damages if they leak information, even after they have left the company. It will also encourage other employees to report whistleblowing by making them aware that it is a blow to the company's business management.

Forensic Investigation" is effective in investigating information leaks by retirees

If an information leak still occurs, a company should conduct a "forensic investigation. A forensic investigation is an investigation that gathers and analyzes information related to the incident to reveal evidence of wrongdoing. In many cases, information leaks are in the form of data, and in such cases, the information stored on digital devices is searched for evidence of wrongdoing and its circumstances.

It is recommended that forensic investigations be conducted by an investigative firm rather than by the company itself. By utilizing specialized software and AI possessed by the investigation company, the investigation can be conducted efficiently and at a cost appropriate to the scale of the investigation.

A case of information leakage by a retiree in a company and forensic investigation

In order to explain what exactly we investigate, we will introduce an actual case of information leakage and forensic investigation that occurred in a real company.

FRONTEO handled the case of an employee taking confidential information out of the company.

Two years after former employee A moved to a competitor, it was discovered that a similar product was manufactured without permission and sold overseas; the logs from the PC used by A showed that a large amount of data had been copied a few days before his resignation date. However, the large amount of data made it difficult to conduct an internal investigation, and a court opinion stated that "it is necessary to identify the person and the operation of the trade secret" in order to identify the information taken out.

Therefore, to ensure the third-party nature of the investigation, we asked FRONTEO, an investigation company, to conduct a forensic investigation. As a result of the investigation into the construction of our own database and the large amount of log data on external HDDs and USB devices, we confirmed that approximately 300,000 items of data had been copied onto a USB memory device, that the external HDD was deleted several days later after the network cable was unplugged, and that unrelated program files had been written and deleted repeatedly for approximately 120 hours. In addition, he repeatedly wrote and deleted unrelated program files for approximately 120 hours.

For information leak investigations by retirees, contact FRONTEO, which has a proven track record in AI-based forensic investigations.

FRONTEO has been a pioneer in forensic investigation in Japan since its establishment in 2003, and has worked to solve a wide range of corporate problems. We have an established reputation for our technology and know-how based on our outstanding experience.

By combining our experience in handling cases with our own AI engine, we have achieved a high level of accuracy and efficiency that no other company can match.