Valuable Corporate Data Walking Out The Door With Departing Employees
FindLaw columnist Eric Sinrod writes regularly in this section on legal developments surrounding technology and the internet.
Do companies have legitimate concerns that departing employees may take critical corporate information with them when they leave? You bet, according to recent survey statistics. Indeed, as many of 70% of workers revealed that they would have "clear plans to take something with them upon actually leaving," according to a survey of London company employees by Imperva, a data security company.
The survey results demonstrated that 72% of the respondents confessed to having taken corporate information from prior companies. In that context, the most frequent types of materials taken were human resource materials, marketing information, and customer records. Looking forward, as many as 27% intend to take materials containing intellectual property and 17% plan to take customer information. Interestingly, many respondents believe that they "own" the information they have access to, and thus think that they may not be doing anything wrong when they take company data with them.
The survey results also confirm the obvious. Namely, that easy access to information makes walking away with it all the more possible. Of the respondents, 85% maintain corporate information on their mobile devices or home computers, much of which includes customer records and intellectual property.
Very troubling is the survey indication that more than half of the respondents gained access to information that was suppose to be off-limits to them. In fact, 73% reported that access controls are "very easy" to skirt.
Bottom line: companies need to be very proactive to ensure that valuable corporate data - often times the corporate crown jewel - does not leave with departing employees. Protecting corporate data may be easier said than done. Employees need to be educated in terms of what they can and cannot do upon departure, and they need to execute agreements that spell out proper steps to be taken when it comes to protected company data. Companies also need to have appropriate technical measures in place to help ensure that devices and computers of departing employees are wiped clean of corporate information and that the departing employees no longer have access to company networks and systems.
Eric Sinrod is a partner in the San Francisco office of Duane Morris LLP http://www.duanemorris.com where he focuses on litigation matters of various types, including information technology and intellectual property disputes. His Web site is http://www.sinrodlaw.com and he can be reached at ejsinrod@duanemorris.com To receive a weekly email link to Mr. Sinrod's columns, please send an email to him with Subscribe in the Subject line. This column is prepared and published for informational purposes only and should not be construed as legal advice. The views expressed in this column are those of the author and do not necessarily reflect the views of the author's law firm or its individual partners.
Related Resources:
- Sensitive Company Information Bleeding Out The Door (FindLaw's Technologist)
- Online Protection for Your Company's Confidential Information (FindLaw's Free Enterprise)