|Page (1) of 1 - 01/13/12||email article||print page|
One in Five Employers Fear Employee Theft More Than CybercrimeIron Mountain advises businesses on how to better protect their information (January 13, 2012)
LONDON, UNITED KINGDOM -- (Marketwire) -- 01/13/12 -- Recent research by information management company Iron Mountain reveals that 20 per cent of businesses across Europe view the risk of employee theft as the most serious threat to information security. They see the risk as greater to the business than IT failure, cybercrime or natural disaster.
The research, undertaken for Iron Mountain(i), suggests a breakdown of employer confidence in staff intentions and a lack of faith in internal controls.
It seems that the level of concern may not be entirely misplaced. Global research published last month by network provider Verizon(ii) found that while just 17 per cent of data breaches implicated insiders, the potential impact of employee theft is greater than that of an external threat, with insiders three times more likely to steal intellectual property than outsiders.
"When it comes to information management, people are often the weakest link in the chain," said Florian Kastl, international director of security, safety and business continuity at Iron Mountain. "Information is the lifeblood of a business, and it is vital that companies have strong controls in place to minimise, if not prevent, the risk of employee theft. This will protect employees, the business, its customers and its reputation."
Florian Kastl recommends implementing the following practical steps to minimise the risk of employee theft:
- Know what you know. Identify and prioritise all the information held by your business - everything from incorporation and legal documents to intellectual property, financial data, sales projections and roadmaps, customer and HR records.
- Establish robust internal processes to reduce opportunities for theft - with the strongest controls for the most important or sensitive information. This should include an audit of when, where and how people come into contact with information as it travels through the business. This will help to identify points of potential vulnerability where access should be restricted. Make use of appropriate technology or secure on- or offsite document storage to lock away and protect your information; and have a clear and visible policy for violations.
- Ensure HR processes support information-protection policies. Robust recruitment checks, the monitoring of changes in behaviour patterns and a formal exit strategy will help to minimise opportunities for theft. Employees leaving a company, particularly if moving to a competitor or if departing under a cloud have been known to take company information with them.
- Ensure your policies are sufficiently resilient to cope with business changes - such as an acquisition or merger - and are robust enough to meet increasingly stringent regulatory demands.
(i)Iron Mountain - Document Management Study, Coleman Parkes, October 2011
(ii)2011 Data Breach Investigation Report - Verizon RISK team with the US Secret Service and the Netherlands' High Tech Crime Unit
About Iron Mountain:
Iron Mountain Incorporated (NYSE:IRM) provides information management services that help organisations lower the costs, risks and inefficiencies of managing their physical and digital data. The Company's solutions enable customers to protect and better use their information-regardless of its format, location or lifecycle stage-so they can optimise their business and ensure proper recovery, compliance and discovery. Founded in 1951, Iron Mountain manages billions of information assets, including business records, electronic files, medical data and more for organisations around the world. Visit www.ironmountain.co.uk for more information.
Copyright @ Marketwire
Related Keywords: Iron Mountain , Marketwire, , Financial, Management Services, Business, disaster, england,