a downturn in ethics

It's not as if we need anything more to worry about as we try to steer through the "perfect storm" of the global financial crisis. Unfortunately, though, there are some threats that cannot be ignored. One of them is the soaring risk of internal data theft.

At a time when wave upon wave of layoffs is hitting corporations, a new study reveals that many companies are losing more than workers. They're also losing important company information, much of which, if leaked, could be extremely damaging to their operations.

Already faced with the stressful and unpleasant task of having to reduce their workforce, many folks are apparently forgetting to take steps to secure their data and systems when employees depart. And their companies could end up paying a high price for that oversight. A survey by IT security specialist Cyber-Ark suggests that an astounding six out of 10 laid-off or fired workers are taking company trade secrets with them.

To be precise, 58 percent of New York City office workers admit that if faced with the prospect of losing their jobs, they would take valuable data with them if they could get away with it! And it gets worse: It seems that the mere rumor of a workforce reduction prompts people to start preparing for the worst by downloading proprietary information—just in case. In fact, more than half say they have already downloaded sensitive company information right under their bosses' noses in anticipation of losing their jobs.

As if that finding weren't disturbing enough, consider that of those who admit to downloading—essentially, stealing—confidential and proprietary info from their current employer, more than half say they would use it as a negotiating tool to secure their next post because they know the information will be very attractive to future employers.

What kinds of data are they stealing? At the top of the list are customer and contact databases. That's followed by strategic plans and proposals, product information, and access or password codes.

The weapon of choice in this new wave of corporate crime is reportedly the tiny little memory stick, also called a jump drive or flash drive. They are small. They are cheap. They are easy to conceal. And according to some IT experts, they're the least "traceable" method of downloading huge amounts of data.

But it's not just memory sticks that employers must beware of. The Cyber-Ark survey finds that employees also steal data via photocopying, e-mailing, burning CDs, accessing online encrypted storage Web sites, and using smart phones, cameras, and iPods.

"The damage that insiders can do should not be underestimated," said Adam Bosnian, vice president of products, strategy, and sales at Cyber-Ark, in a press release announcing the survey's results. It can take just a few minutes for a database that has taken years to build to be copied to a CD or memory stick, he warned. "With a faltering economy resulting in increased job cuts, deferred promotions, and additional stress, companies need to be especially vigilant about protecting their most sensitive data against nervous or disgruntled employees."

As for how companies can protect themselves, Bosnian urges employers to limit access to sensitive information to only those who really need it, to make sure that information is "locked down" in a digital vault, and to use the most current encryption technology available to secure highly sensitive data.

Always good advice, but perhaps even more important than usual as we try to ride out the current perfect economic storm.