Laid off workers stealing company data


More news articles published this week are raising awareness of the risks of sensitive information leaving your organization when employees are laid off. Another research study from the Ponemon Institute, in conjunction with Symantec, surveyed 945 adults in the United States who were laid off, fired or changed jobs in the last 12 months. It found that 59% of employees who leave or are asked to leave are stealing company data, such as contact lists, employee records, financial reports, confidential business documents and software tools.

Kevin Rowney from Symantec told the BBC that, "The intellectual property of a company can represent the crown jewels and are almost worth more than the building. This is the core asset of a company and any breach or loss can be very expensive... The industry has concentrated on the protection of the containers where the data is stored like firewalls, access, controls and end point security systems... The end result is that most security teams are protecting the containers not the data itself. And that is a core flaw in the security methodology of many practitioners today."

Symantec's sponsorship obviously highlights its DLP solutions, which allow for the detection and control of information as it flows across devices such as firewalls and network file servers onto desktop and laptop computers, and ultimately onto removable USB devices.

Without question, I'm going to state that IRM is a perfect complement to DLP, providing a robust solution for protecting, controlling and reporting on the use of sensitive content. DLP has its limitations and IRM fills those holes. Combine this with the total set of security technologies from Oracle, and a smart company could ensure that the recent increase in risk is reduced and controlled for a fraction of the cost of the repercussions of losing all this data.

Another comment I found interesting was, "It is not enough that I will be laid off, that I will have to sell my home and possessions at a loss - I am now considered a 'thief' for 'stealing' (ie taking work home with me) intellectual property. Why is the worker blamed for everything that goes wrong with a company?"

Oracle IRM has positive solutions for both problems. It first provides an organization with the ability to have absolute control over documents, not only by limiting who can print (and therefore steal paper copies) but also by removing access to content when an employee no longer works for the organization.

Secondly, it can actually help the employee... Oracle IRM allows for a balance of usability and security that lets people use sensitive content on the move and from home locations. Leaving a company, and knowing that the company is responsible for removing your access rights, frees the ex-employee from all responsibility. If the organization is able to revoke all rights to content, then the end user no longer feels under the spotlight when they leave.


I'm not completely sure I see how this benefits the employee. The only way this would benefit the employee (as per the comment quoted) is if the data could be controlled outside of the company network. Simply shutting off my access to the data (preventing me from stealing it) is only likely to happen AFTER I am fired/laid-off/quit. The ability to control access to files only comes into play after the fact. Therefore, if I have a history of taking work home, I continue to be under scrutiny for 'stealing' unless, somehow, they can confirm that I have always returned all documents and wiped them off my home machine. At which point, you've already proven that I haven't stolen anything and IRM doesn't matter. Am I missing something here?

Posted by Joel on February 24, 2009 at 09:50 PM PST #

Joel, most IRM deployments DO allow for the usage of content beyond the corporate network. That is core to the usability of any IRM solution; you must balance your security requirements with the needs of authorised users. Therefore letting users copy content to USB keys, to home machines etc should be allowed as long as they legitimately have access to content. I'd say 99% of customers I've worked with host the IRM server on the public internet allowing for any trusted users to open sealed content from any location. So from the employee perspective, I can have access to sensitive information anywhere I wish. But as soon as I no longer work for the company, or maybe it is a partner relationship that has changed, the organization who owns the content takes on the responsibility for revoking access. I think this is an important point, because if I get laid off, I certainly don't want to spend time trawling all my home machines, USB keys and other places to go deleting content I may have used whilst doing my job. IRM gives me the freedom to not care; it's not my problem anymore, the company should be switching off access to that information.

Posted by Simon Thorpe on February 25, 2009 at 12:29 AM PST #

Ah, ok, this was a technical misunderstanding on my part. A quick read up clarified what and how IRM works. Now this makes much more sense (sorry, wasn't thinking before I posted before. Should have done my reading first).

Posted by Joel on February 25, 2009 at 12:44 AM PST #
