Consider this scenario for a moment. An employee in your company has just downloaded a spreadsheet with all of your CRM data on it. It contains not only names, job titles, contact numbers and e-mails for all of your customers, but also notes on the size of their procurement budget, their purchasing pressure points and the expiry dates of your contracts with them.
The employee has no valid reason for downloading the database. He can already access all the information via the CRM. And on top of this he has also saved the spreadsheet to a USB stick that he can take away with him from the office.
That all sounds like information that your business rivals would pay highly to get their hands on, doesn’t it? All it takes is one disgruntled employee who is eager to leave your company and wants to smooth their path to one of your rivals. This is no less than industrial espionage and could cost your business a lot of money and customers that you have spent years acquiring.
It is so easily done and there is so little you can do about it. Or is there?
Well, actually the technology is already there to be able to monitor employee behaviour for such indiscretions. In fact, sophisticated network behavioural monitoring solutions have now reached such an advanced stage that they can use algorithms and big data to build up a picture of normal activity over a closed network. If unusual or suspicious activity takes places the solution can spot it, close down access permissions and alert network administrators immediately.
As well as mitigating current data breach activity, leading edge solutions such as ThreatSpike can also investigate past activity, to build up a picture of an employee who is under suspicion. This can be used to eliminate an innocent employee from an investigation, as well as providing evidence against a guilty one.
Technology has made industrial espionage much easier but, as well as contributing to the problem, technology has also provided the solution. You owe it to your employees and your customers to take all necessary steps to keep their data safe from a data breach.
Head of Cyber Security
Tags: #Cyber Security