Former employees taking company data to a competitor is an increasingly common problem. Three recent Australian court cases illustrate limits of court action and the importance of being proactive about protecting critical company data.Media headlines capture attention and focus on serious privacy breaches like Australian Red Cross Blood Service who last year confirmed an embarrassingly large data security breach involving 1.2 million records.1 But data theft from former employees is reported less often and it is difficult to measure how often it occurs. One global index records a malicious insider as the attributed source of five out of 44 data breaches in Australia in 2016 and seven out of 45 breaches in 2015.2
In a world where data is becoming an ever more precious commodity data thefts are costly. They affect small and large organisations with equal frequency. The costs to business, including those in Australia, have been extensively covered by the Ponemon Institute in the United States, which has conducted an annual study into data breaches and the cost to business since 2005. The institute’s latest survey put the average consolidated total cost of a data breach at $4 million.3 It reports that the biggest cost is lost business.
Company data: Lost in the cloud?
Enabling employees to work remotely increases the risk that valuable company information is stored on employee's mobile devices, which are often backed up to personal computers and cloud storage. It may be that departing employees are under the misapprehension that data they worked to create belongs to them. One survey by Symanec revealed that 62 per cent of employees think it is okay to store company data on their personal devices or cloud storage.4