In previous blog posts we covered the in’s and out’s regarding employee’s stealing confidential company information (hyperlink) and the role of forensics after employee data theft has occurred (hyperlink). To provide some context, we discussed how having the most efficient and thorough internal policy or preventive measures in place can still result in employee data theft. It may be unsettling to realize that a resourceful and persistent employee may inevitably be able to steal Company data. The role of computer forensics is pivotal in helping to gather information and evidence about the perpetrator, which enables the employer to seek legal redress. Legal Remedies may include monetary damages or an injunction.

Unfortunately, many employers do not realize an employee has taken confidential information until weeks or months have passed and this will hinder any legal claim. As is the case in most legal settings, by altering the former employee’s computer it will diminish the value of the evidence uncovered and consequently prevent a successful claim. That is why digital forensics Corporation recommends preserving the digital contents of a former employee’s computer by making a forensics copy of the hard drive or mobile device. Should suspicions arise in the future concerning theft of confidential information or other potential causes of action, the evidence obtained from a forensic examination conducted on the hard drive “mirror” will be as credible in Court as if the original hard drive had been preserved and examined.

In simpler times, a devious employee would have to devote countless hours and energy into stealing pertinent information from their Company. In the current technologically driven age where nearly all Company files (financial statements, trade secrets) are stored electronically, one can never be absolutely certain if employees are secretly stealing company information. Electronic documents are easy to copy and are naturally more prone to theft than old fashioned hard-copy documents. In prior posts we discussed the importance of limiting access to confidential Company information by creating passwords and other various precautionary measures, which is certainly a good starting point.

However, consider just one scenario where technology affords an employee the opportunity to take data electronically from a company by utilizing a USB device. The device can be slipped into a computer stealthily, can hold vast amounts of data, and does not require an intricate operation to undertake. This is merely one example but it demonstrates not only the ease with which electronic documents can be stolen, but also the quantity that can be taken in a brief time span.

The myriad of reasons an employee may be motivated to take confidential company information can range anywhere from the employee doing so inadvertently to an employee intending to derive personal gain by exploiting a trade secret. Whatever the reason may be, it has become evident that every company should implement internal policies to protect themselves not only after a data theft has occurred but also by taking preventive measures. Legal Evidence Corporation has experience implementing policies and technology necessary to protect Company data.