A potential situation that has occurred in David Doe’s situation is an industrial espionage. An industrial espionage is when your competitors have gathered sensitive information through hired spies. It embraces illegal and unethical methods of collecting the company’s corporate data. It involves stealing of intellectual property, trade secrets, modes of internal operations that stands out and which is later used for a competitive advantage.
In acts such as David Doe has carried out employees tend to gather intelligence and later utilize it for their own benefit or sometimes for a huge financial profit when sold to the direct competitor.
This malicious activity is however very hard to detect than the hacking attacks that take place. All employees are required to abide by the compliance rules in a clearly written security policy. The policy should include rules stating the files that need to be shared and which can be saved on a network folder and the ones that are specifically meant not to be shared even with inside employees that do not need the necessity to see those files.
It should include rules prohibiting the sharing of password, locking your systems always when you are away from the desk and pushing employees to BYOD, among the other things. Always make sure that the employees have completed the security training from upper management to lower level.
In most cases, the employees access rights to the systems are tested and terminated only during the last couple weeks of work.
Also, in some companies they have access even after the termination date for a couple of days which makes them to still gain access to the sensitive data to perform malicious purpose. Companies have to implement a proper termination policy to protect the acts of industrial espionage by former employees.
Monitoring of employee’s activity is always essential as you never know if the employee is acting maliciously, intentionally, and inadvertently unless their online presence is monitored exclusively. Always monitor more closely on the privileged users such as system admins and the upper management. Take actions in a timely manner such as every quarter conduct an internal audit purpose and keep a record of all the incidents. This makes the employees stay vigilant as they know they are recorded and monitored.
Organizations should invest in technology that prevents sensitive data records from being copied and shared to personal emails. Also, make sure that sensitive documents should always be disposed with utmost security by shredding in the appropriate disposal and not thrown into the trash.
👋 Hi! I’m your smart assistant Amy!
Don’t know where to start? Type your requirements and I’ll connect you to an academic expert within 3 minutes.get help with your assignment