Does your company have rogue employees selling sensitive data and trade secrets to a competitor or identity thief? How would you know? By the time you find out, it is likely too late.
An audit of data theft cases by Palisade Systems, of Ames, Iowa concluded that the problem is larger than you might imagine. Over 65% of corporate data theft cases are attributable to employees. Either through theft or mistake, these employees caused the loss of more corporate proprietary information than competitors, thieves and hackers combined. Patent applications, research and development activities, trademarks, trade secrets and other sensitive corporate data are all at risk from accidental or intentional acts of employees.
To reduce these risks, it is imperative that every company have an employee handbook. The handbook needs to be updated regularly to address changing technology and procedures, such as those relating to confidential data transfer and security. At the very least, the handbook should address the following issues:
General Rules of Conduct (as well as unacceptable conduct)
Employment at Will (if applicable)
Resolution Process (written steps)
email policy (no expectation of privacy)
Internet Usage Policy (include monitoring procedures)
Performance reviews (at least annually)
Workplace Guidelines (attendance, dress, meals)
Blogging Policy (make sure it is specific to your company)
Document Retention (including litigation hold procedures)
Data Security (written guidelines and reporting procedures)
Data Confidentiality (signed by employee)
Non-compete agreements (if applicable)