Leadership optimize

Video: Five ways to keep users from stealing corporate data

Bill Detwiler highlights five ways to prevent employees from stealing sensitive or private data from your corporate computer network.

External network intrusions may grab the headlines, but don't let protecting against these attacks sidetrack you from an often more dangerous threat--employee data theft. During this week's TR Dojo episode, I highlight the following five ways you can keep your data from walking out the door:

  1. Have clear, written policies on data security
  2. Set restrictive permissions and audit access
  3. Use encryption
  4. Set up outbound content rules
  5. Consider creative data theft methods

For those who prefer text to video, you can click the Transcript link that appears below the video player window or read Deb Shinder's article, "10 ways to make sure your data doesn't walk out the door," on which this video is based.

Data security products and software mentioned during this episode:

You can also sign up to receive the latest TR Dojo lessons through one or more of the following methods:

About

Bill Detwiler is Managing Editor of TechRepublic and Tech Pro Research and the host of Cracking Open, CNET and TechRepublic's popular online show. Prior to joining TechRepublic in 2000, Bill was an IT manager, database administrator, and desktop supp...

33 comments
MikeBlane
MikeBlane

The song that I immediately thought of was from the Miser Brothers Christmas "I'm Mister Heat Miser" and "I'm Mister Freeze Miser"... The words aren't the same, but that's what I thought of. The obvious funny song is "put one foot in front of the other".

dennis.rhine
dennis.rhine

One really important thing that we started doing too was to securely wipe hard drives before a computer is retired or reused within the organization. I have read horror stories about hard drives winding up on the secondary market while still containing confidential information. It only takes a little time to wipe them or destroy them.

Nancy100
Nancy100

The real threat is China and Russia and other state sponsored thieves. I urge everyone to read Richard Clarke's new book CYBERWAR. Totally revamped my thinking on this critical national security threat. Nancy H. EditPro

Gis Bun
Gis Bun

Surprised on data theft topping the poll considering the amount of stories where a laptop or a USB key was lost. Not mentioned but a good [and a bit complex] security tool is DeviceLock. Block unauthorized USB devices, CDs, DVDs, etc.

mfcoder-hh
mfcoder-hh

Aside from accidental exposure, the best way to stop malicious internal attacks on your security is to make sure you dont have disgruntled users with a grudge. So, keep your users happy and invested in their company, and they are much less likely to consider data theft as an option. Happy users == safe users.

widd11e
widd11e

The song is maybe WALKING OUT THE DOOR - MARTY SIMPSON

janitscheka
janitscheka

Another way that internal data/info is walking out the door is on the hard drives that are part of today's copiers and all-in-one machines. Here is a link to a CBS news story on the problem; quite surprising. thx. aj http://www.wimp.com/copymachines/ Song U were thinking about: Walking on Sunshine by Katrina and the Waves? (likely not this one, but it's my best guess)

bnielsen8
bnielsen8

The song, I think, was Eurythmics "Would I Lie To You?". A TR Dojo coffee mug would be very nice.

eireannjon
eireannjon

Song in your head, I will survive by Gloria Gaynor

Kim SJ
Kim SJ

Things like unauthorised wifi access points, connecting insecure laptops, circumventing security provisions... if the system gets in the way of doing their job, users will find a way round. It's essential to educate users enough for them to understand why things are set up the way they are, and why the rules exist. It's also essential to listen to users' complaints, and minimise the extent to which the system does get in the way.

doublement
doublement

Pretty obvious actually. "I will survive" by Gloria Gaynor. I've always wanted a TR mug

sam
sam

Where can i buy that book as i can not see it on the Amazon site?

famigorena
famigorena

An additional and efficient way to mitigate insider threat and prevent employee data theft is to restrict access to the network on a strict ?need to access? basis, to thoroughly monitor user sessions and to keep track of all session logging and locking events for future reference. And there's an app for that: IS Decisions UserLock. UserLock indeed allows IT security teams to: - prevent or limit simultaneous logon (same ID, same password), per user or user group - record all session logging and locking events in an ODBC database (Access, SQL Server, Oracle, MySQL,?) for future reference - monitor user sessions in realtime (who is connected, from which workstation(s), for how long?) - remotely lock, logoff and reset all interactive sessions - define working hours and/or maximum session time for protected users and disconnect users with prior warning outside of the defined timeframe(s) and/or when time is up - restrict user group?s network access per workstation or IP range - notify all users prior to gaining access to a system with a tailor-made warning message (legal disclaimer, etc.) - ? You can download a fully-functional, 180-day copy of UserLock from http://www.UserLock.com

kygoo
kygoo

Do Wah Diddy Diddy?

bboyd
bboyd

Both email and on flash drives. The source was traceable for the email, not for the USB stick. Still could have happened with a smuggled camera. That is the ones we've seen firsthand. At least our prototypes aren't founf in random bars.

Bill Detwiler
Bill Detwiler

In the above TR Dojo post, I highlight five ways to prevent employees from stealing sensitive or private data from your corporate computer network. But, data theft is only one of the ways employees can misuse a company's network. From visiting inappropriate Web sites to storing pirated movies on network servers, end users can abuse their corporate network in a variety of ways. Which of the following do you think is most serious? Take the poll and let me know. Original post and poll: http://blogs.techrepublic.com.com/itdojo/?p=1747

SgtPappy
SgtPappy

After deleting partitions, I cut my old drives in pieces using a ban saw. It may not destroy all the data but it makes getting to it much more difficult.

rothgery
rothgery

"Put One Foot in Front of the Other" ...and soon you'll be walkin' out the door.

ndveitch
ndveitch

Most of the users these days have laptops and therefore data would more than likely go home with the user every night. When it comes to laptops the user would not have to worry about emailing, copying to a USB or even printing the data. When they get home they will have all the time in the world. And more importantly, Bill what was the song :)

1bn0
1bn0

Then complaining about the lost data when the hard drive crashes.

jgriffin
jgriffin

Gloria Gaynor - I Will Survive

BitHammer
BitHammer

Here's my guess: "One Bourbon, One Scotch, and One Beer" by George Thorogood ("And out the door I went!)

cayeaj
cayeaj

Walking out the door - by Marty Simpson?

eireannjon
eireannjon

Song in your head, I will survive by Gloria Gaynor

mafergus
mafergus

A nicely weighted hammer does wonders also. It's not as efficient as a band saw, but very satisfying

jgriffin
jgriffin

Gloria Gaynor...I Will Survive

SgtPappy
SgtPappy

by Bass Jules Put one foot in front of the other And soon you?ll be walking cross the floor Put one foot in front of the other And soon you?ll be walking out the door You never will get where you?re going If you never get up on your feet Come on, there?s a good tail wind blowing A fast walking man is hard to beat Put one foot in front of the other And soon you?ll be walking cross the floor Put one foot in front of the other And soon you?ll be walking out the door If you want to change your direction If your time of life is at hand Well don?t be the rule be the exception A good way to start is to stand Put one foot in front of the other And soon you?ll be walking cross the floor Put one foot in front of the other And soon you?ll be walking out the door I'll take my cup monogrammed.

solotito
solotito

Wynn Stewart - I Was Just Walking Out The Door

mikeb
mikeb

These Boots Were Made for Walking - Nancy Sinatra

mkelly
mkelly

50 ways to leave your lover? (Paul Simon I think)

knifton
knifton

We use "Boot and Nuke" free off the web google it. It does mean you can redeploy the drive. Also far less likely to be physicaly injured, some of those hard drives are tough little suckers :-)