A battle between two recruitment agencies which reached
the High Court has underlined the need for businesses to review the
way they secure their confidential business data, lawyers have
said.
Social Workline reached a settle¬ment last week with Action
First over allegations that an individual who transferred between
the firms supplied records from Social Work¬line’s client database
to his new company. London law firm Mishcon De Reya said the case
highlighted the growing importance of ensuring database
security.
“It is rife,” said solicitor Hugo Plowman. “Data is being stolen
electronically in most instances, either by people e-mailing data
to their Hotmail accounts or to a friend. Or they will use USB
sticks or iPods to steal data.”
The affected recruitment firm brought in forensic IT
investigators when it discovered the apparent theft.
It has since stepped up security by configuring its Lotus Notes
system to record and monitor all e-mails sent by staff. It has also
disabled the USB drives on desktop machines.
Mishcon De Reya advised organisations to segregate data, so that
staff only have access to the information they need. It said
limiting the size of e-mails that can be sent out of a company and
restricting the ability to print out large files after office hours
were also steps that should be considered.
On the question of monitoring staff e-mails, Charles Boyle,
barrister and commercial adviser at the Recruitment &
Employment Confederation, said companies had a right to monitor the
behaviour of employees to protect their data.
HOW TO PROTECT YOUR DATA
- Ban iPods from the office
- Make sure databases cannot be exported to e-mail
- Control which employees have access to databases
- Carry out vetting checks on staff
- Include invisible traces in your data.
Source: Carratu International
Read article:
Secure web use without walls >>
Read article:
Network security special report >>
Comment on this article:
computer.weekly@rbi.co.uk