But organizations need more than policies and training to effectively combat the alarming trends revealed by the Symantec study. Companies should also implement tools, such as data loss prevention (DLP), to detect and help prevent IP theft. Once a company identifies its core IP and implements a DLP solution, it can monitor the use of confidential data on desktops, laptops and mobile devices, and also record unusual data access patterns, particularly when large volumes of data are accessed and/or copied.
An effective DLP solution can also detect unauthorized backups or transfers of IP to external devices or applications such as cloud services. Control should extend to .pst files, and administrators can enable features to effectively block IP transfers to unauthorized destinations.
Just as companies employ security software to warn employees engaging in dangerous browsing habits (think of the pop-up that asks, "Are you sure you want to open this infected file?"), employers can use DLP software to warn employees whose behavior runs afoul of company IP policy. Employers can also use monitoring tools to notify managers in the event of unauthorized IP copying, a behavior that is more prevalent among employees who have already decided to take another job.
Stricter monitoring of access to and copying of sensitive IP may seem excessive at first, but real-time enforcement is a far more efficient way to prevent IP theft before it occurs and, generally speaking, is a more cost-effective way to protect IP than the usual practice of examining an employee's computer usage after the employee has already departed. As Frederick Taylor discovered long ago in his organizational studies, employees who know (or at least think) their behavior is being actively monitored are less likely to act contrary to company policy.
A detailed exit interview is also an important tool to deter IP theft. Prior to an exit interview, companies can use the monitoring solution to run a report for HR that reveals any unauthorized actions by the departing employee and identifies any data or devices that should be returned. With this information already in hand, an employee's credibility (and risk factor) should be easy to gauge during the exit interview.
The exit interview is yet another opportunity to review continuing obligations with the departing employee, ensuring they have a clear understanding of what the company considers to be its valuable trade secret information. HR should provide clear, specific direction on property that employees must return: not just laptops and smartphones, but also USB drives and other devices that the company has already identified as having been connected to company machines (and which are likely to also contain company IP).
While these steps may seem Orwellian at first, they are designed to detect and prevent IP theft (and actual damage) before it occurs. Moreover, the costs of implementing these steps generally pale in comparison to the significant resources companies already spend on post-termination forensic analysis and the litigation necessary to recover damages that could easily have been prevented.