One of the most obvious changes caused by COVID-19 is that
everyone is now working from home. In addition, now that the
floodgates have opened, many U.S. companies expect work-from-home
arrangements to expand. In fact, according to the 2020 Remote Work-From-Home Cybersecurity
Report, sponsored by Pulse Secure, 84% of U.S. companies
surveyed expect broader work-from-home adoption despite the fact
that 69% of these organizations are concerned about work-from-home
security risks.
So, this begs the question, what should you do if you
suspect an employee or ex-employee of stealing trade secrets?
First, you have to control the damage. The company should
begin by confirming that it has terminated the ex-employee's
access to all company information, both physically and virtually.
These steps include revoking all computer and building credentials,
reclaiming company computers and smart phones, as well as
eliminating virtual private network (VPN) access to the
company's computer system.
Second, you must preserve the evidence. The
company should not reissue, update, defragment, or do anything to
the computer without first "imaging" the electronic
device's hard drive and information storage system. Otherwise,
the company could lose critical evidence necessary to prove the
ex-employee's theft. The ex-employee's company devices are
usually the best evidence of an employee's mishandling of
company trade secrets. This basic forensic examination will usually
reveal if the ex-employee is a real threat to the company or
not.
Third, you must immediately survey the damage and act
quickly. Although lower-level employees, such as
entry-level accountants or secretaries, are typically less likely
to steal information, companies can never be too careful. Stories
abound of how the company secretary stole a client list or
confidential pricing information on their way out the door.
Regardless, if you discover that an ex-employee has misappropriated
company trade secrets and poses a material risk to the company,
time is of the essence. The company must act fast and should
consider seeking emergency relief in the form of a temporary
restraining order.
Conclusion
Given that the number of employees who work remotely is expected to
continue to rise, it is essential for businesses to establish
robust cybersecurity measures to prevent trade secret theft.
Companies must also design and implement plans for responding
swiftly to incidents involving stolen proprietary information to
minimize potential damage to their businesses.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.