To guard against disgruntled employees as spies, be nice to them. "A well-compensated, well-treated employee is far less likely to betray you," says Becnel.
Other approaches to stall corporate spying include having people sign non-compete agreements and posting corporate policies about the company monitoring and logging computer usage. "This may give a disgruntled employee some pause before dumping sensitive data onto a thumb drive before leaving to work for a competitor," says Becnel. It can also give companies legal recourse after the fact.
As for IT professionals, the enterprise can enable them to do their jobs without them seeing the data by using encryption and access controls that security, not IT, manages. "IT professionals don't need to see the data to back it up, for example," says Cates. By maintaining the encrypted state of the data and keeping the key in someone else's hands, an enterprise can prevent even systems administrators from becoming successful data spies.
Knowing who the spies could be may have to be good enough. Check, watch, and limit everyone so they can do only good. Know changing data to secure it successfully.
Sign up for Computerworld eNewsletters.