Reis Blog

Visit the Reis Blog regularly for information an advice on information technology management in Canada, and around the world.

Five Ways to Protect Your Business From Data Theft

Posted August 01th, 2018 in Security, How-To’s, For SMB

Look around the office. One in four of the people will take or share sensitive company information when they leave their job. The findings from a 2016 survey of 600 employees in seven industries show that employees are the greatest risk when it comes to data theft.

Closeup of young male theift in sweatshirt with hood transfering money from bills of stolen creding cards

The survey also found the following:

  • 15 percent of respondents said they are more likely to pilfer files if they’re fired.
  • 85 percent of those who take data say it’s material they created, so it isn’t wrong.
  • Only 25 percent of ex-employees took material they did not create.

The good news:

About 95 percent of respondents said taking data was possible because

  • Their employer didn’t have policies or technology to stop them, or
  • The company ignored its policies.

That’s good news because it means there’s something you can do about it right now if you fall into either of those camps.

1. Education

Most survey respondents didn’t accept the categorization of their actions as “theft.” They don’t think taking company data is malicious or even just wrong because—in most instances—they’re taking something they created; they see themselves as co-owners.

Education can go a long way to addressing this aspect of the problem. Talk to new employees about data protection and security. Periodically remind staff about your stance.

2. Establish clear policies (and enforce them)

Where you have policies governing data handling that are clear and comprehensive, you’ll reduce the problem. Put those policies in employment contracts.

Address issues such as the following:

  • Using personal devices to create company data
  • Using consumer file sharing and collaboration tools

The range of tools survey respondents used to take information ranged from flash drives to Dropbox to simple printing.

3. Keep permissions tight

Establish data classification and access permissions. You don’t want to stifle productivity, but there’s no reason to give access to people who don’t need it. The principle of least privilege is a good rule of thumb.

Moving to the cloud requires special vigilance with tracking permissions and user access. Even keeping a spreadsheet that lists every employee’s access, tools, and apps can help.

4. Be vigilant

Watch for the unusual. Set up alerts for movements of unusual amounts of data or activity at odd hours.

5. Prepare to respond

The survey suggests that some theft—or attempted theft, at any rate—is inevitable.

Decide now on how you will respond in the event of an attack or in the event an employee who is leaving the company might be disgruntled. Employees were 22 percent more likely to steal company information if they were fired under “bad circumstances.”


To receive our company news, updates and blog posts, make sure to subscribe to our monthly newsletter by filling in your email on the right of this page.


Learn More About Our Security Services



Increase Revenue Growth and Boost Your Business Success With IT Support.

Book a complimentary business systems assessment today and learn how Reis can help turn your capital costs into operating costs!