I'm an IT fraud examiner for a large educational institution, and it was no shock to me to find company data scattered all over the place. Data was hiding in closets, under desks, and even within classroom areas.
There are lots of reasons to ensure control of company data, but there's one that keeps me especially busy. Weak or non-existent IT policies have enabled some employees to make personal gains from multiple employers simultaneously. These employees believe they can use their company's equipment and bandwidth to run their own businesses on the side. Talk about multitasking.
I began working on building policies and processes to detect fraud and prevent potential data loss. Some employees had been running their side businesses for quite some time and were even successful – until they got caught. For example, a tip came in from several employees that one of their coworkers had his own professional talent company and was actively recruiting from work for bands and singers to perform at local venues. The employee was using his official job title and work phone number on his electronic business cards, Web site, and e-mails while conducting his side business. In addition, he utilized the company banners and logos on his side business. All of this misrepresentation created a conflict of interest.
Our preliminary investigation consisted of utilizing forensic software and a data loss product to search for present and historical data related to the employee and the documents in question. Those preliminary results showed just how detailed the operation was; his work computer was being used for the creation of financial records, maintaining contact lists of past and present performers, and legal contracts used between all parties. We were also able to obtain e-mails and other documents that furthered our investigation. When questioned and shown snippets of the data collected, the employee admitted what he had done and provided additional details on his venture. The individual was subsequently terminated for cause and conflict of interest.
Prior to having data-loss tools available to investigate with, hunting down information was a time-consuming and cumbersome process. Interviews, luck, and knowing where to go were the keys to finding the valuable nuggets of data. Hunting for data was hard enough, but I had no way of reporting on what material was actually walking out the door, being used by competitors, or put up for resale. This problem became evident when we started to evaluate and implement data-loss tools into the environment.
This whitepaper explains the terminology and concepts behind Data Replication technologies and establishes some sizing rules through worked examples. Learn the new paradigm in disaster tolerance—protect data anywhere.
Download now »
Server virtualization is a popular option for dealing with mounting datacenter costs. Another equally promising approach is the use of an Application Delivery Controller. Citrix NetScaler provides a low-cost way for organizations to reduce their server count and accrue cost savings from a reduction in space, cooling, power and personnel.
Download now »
The emergence of WLANs has created a new breed of security threats to enterprise networks.
Included in HP ProCurve WLAN solutions is security technology that alleviates threats from WLANs through:
* Monitoring wireless activity inside and out of the enterprise
* Classifying WLAN transmissions into harmful and harmless
* Preventing transmissions that pose a security threat to the enterprise network
* Locating participating devices for physical remediation
Effectively address data protection challenges, implementing solutions that help store and protect business–critical data while cutting costs and improving efficiency and reliability.
Download now »
Sign up to receive InfoWorld Resource Alerts
1 Recommendation
