California business cybercrime defensive strategies

Employee theft in California businesses has reached a level beyond stealing a stapler from the supply closet. The Computer Security Institute estimates that a one-time security breach in an online business can cost between $600,000 and $7 million a day.

Customer lists, intellectual recipes, financial data, trade secrets and expansion plans fall into the hands of hackers, many of whom double as trusted employees. Security professionals say one-time-only, insider hack attacks swipe about 10,000 pieces of confidential information. External hackers get away with a lot less sensitive material than that.

No organization is entirely immune from theft. Wireless giant Verizon admitted one-fifth of its security hacks were perpetrated by people within the company. Businesses are responding to theft by securing as many open doors to intellectual property as possible, starting with the hiring process.

Security experts suggest paying more attention to the resumes and backgrounds of job applicants. Lawful pre-job tests and screening weed out applicants with suspect employment histories.

Lax security policies invite trouble. Employees who get away with petty theft in the workplace set an example. The middle manager who occasionally uses a company car or cell phone for personal use may not seem harmful until the practice sets up an “it’s-okay-to-steal” attitude among other employees.

Technology can monitor workers’ physical and online activities. Real-time and backup scanning increase security, but monitoring computers, conversations and other tools and actions must be done within legal boundaries.

Detailed monitoring and company privacy guidelines should be included in worker handbooks. Businesses are advised to create security rules as conditions of employment and strongly enforce them.

Companies can schedule independent audits and designate internal theft investigators. Workers can be encouraged to report incidents anonymously and without threat of backlash. Insurance is also available to cover cybercrime losses.

Strengthening intellectual property security is time-consuming for company owners. Intellectual property attorneys can help streamline security plans that are effective and legal.

Source: hreonline.com, “A Brief Guide to Fighting Employee Cybercrime,” Spencer Hamer, March 20, 2013