With economic slump, concerns rise over data theft
Is the worsening economic situation going to turn some employees into data thieves?
That's a top concern amongst IT decision makers, many of whom say that laid-off employees are the biggest security threat created by the economic downturn. In a McAfee-sponsored worldwide survey (registration required) of 1,000 IT decision makers, the company found that 42 percent of respondents felt that the laid-off employees represented the biggest IT security threat caused by the recession. That's more than were worried about outside intruders. And 36 percent said that they were worried about security problems caused by employees in financial stress.
Crime rates spike during hard times, and with thousands of workers being laid off each week now, there may be an added incentive for employees shown the door to take intellectual property with them to bolster their chances of getting hired with a competitor, to use with a start-up company of their own, or maybe even to sell.
"The economic downturn across the board is going to provide additional motivation for people who would want to do harm," said Seth Bromberger, an information security manager with PG&E in San Francisco. "It's on a lot of people's radar right now."
According to Bromberger, companies that have their employee exit processes in order have less to fear from laid-off workers. It's just that with the current economic squeeze, people's motivation may be changing
Layoffs can fray employee loyalty, and there certainly is money to be made selling all kinds of corporate data.
Last August, a financial analyst with subprime mortgage broker Countrywide named Rene Rebollo was arrested by the U.S. Federal Bureau of investigation for allegedly selling Excel spreadsheets containing customer information for about two-and-a-half cents per record. Over a two-year period he may have made US$70,000 from the scam, the FBI said.His annual salary was $65,000.
According to court filings, Countrywide had security software that disabled the use of USB drives on its PCs. But Rebollo found one PC that didn't have the software and was able to download about 20,000 records each week onto his personal thumb drive, which he'd later email to a buyer, the FBI said.
USB drives are one of the most underestimated sources of data leaks, says McAfee CEO Dave DeWalt. "For $100 you can buy a 100GB drive," he said. "100GB can be the entire customer base for an entire large company."
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
security
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
