Dear All,
I want to know what methods can be used to protect the confidential data from being leaked by exiting employees. Sometimes, employees carry information on CDs, pen drives, etc., when they leave. How can we protect against this? Any suggestions, please?
Regards,
Shilpi
From India, New Delhi
I want to know what methods can be used to protect the confidential data from being leaked by exiting employees. Sometimes, employees carry information on CDs, pen drives, etc., when they leave. How can we protect against this? Any suggestions, please?
Regards,
Shilpi
From India, New Delhi
Strange, forum members have no ideas or suggestions for this very common problem. Please share your views, ideas, or suggestions to help solve my problem. It would be great if you could share any practices adopted by your respective companies regarding this issue.
From India, New Delhi
From India, New Delhi
Good question. Many enterprises are facing this problem. Some IT solutions are available in the market that can prevent employees from copying, printing, sending emails, using MSN, or taking screenshots of confidential files and data. These solutions can also trace back to identify the individuals responsible for these actions. However, implementing such solutions can be expensive and challenging. It's a complex issue to discuss comprehensively here.
One simple method is to disable USB and DVD drives, but there are many loopholes associated with this approach.
Please let me know if you need further assistance or more details on this topic.
From Macao, Macau
One simple method is to disable USB and DVD drives, but there are many loopholes associated with this approach.
Please let me know if you need further assistance or more details on this topic.
From Macao, Macau
Rightly said Diabling Drives do have loopholes so what should we do? Can we go for some agreement which says about it or some Ethical Policy...................... Regards, Shilpi
From India, New Delhi
From India, New Delhi
Dear Ms. Shipli,
Season's Greetings. Kindly contact me via email for your posted query. My email address is sachinrgi@gmail.com.
Sachin G.
Lead 3 - Project Leader,
IT Network Security Specialist,
Asia Pacific Region, Google.
From India, Nagpur
Season's Greetings. Kindly contact me via email for your posted query. My email address is sachinrgi@gmail.com.
Sachin G.
Lead 3 - Project Leader,
IT Network Security Specialist,
Asia Pacific Region, Google.
From India, Nagpur
It depends on whether you *REALLY* want to protect the data or not. Most of the company's contracts include terms of NDA (Non-Disclosure Agreement). If you just want to have normal procedures for HR's responsibility, then work on the NDA or Ethical Policy. You will feel better, but the data will leak out as usual.
I have worked on this topic before, and as far as I know, there is no solution that can 100% prevent data leakage. We can only try our best to protect the data.
From Macao, Macau
I have worked on this topic before, and as far as I know, there is no solution that can 100% prevent data leakage. We can only try our best to protect the data.
From Macao, Macau
Hi Shilpi,
I do have software to protect the use of USB/DVD/CD RW/Floppy... But it would be a problem to implement it in all the systems of your company. Probably, if you have any system administrator, you can take his help!
Please find the description for the same and revert to me if interested!
Prevent information loss due to the unauthorized use of USB Removable Drives (Flash sticks, iPods, mp3, mp4), CD-ROM, CD-RWs, and Floppy. USB LOCK AP, with its simple and straightforward interface, has been designed with careful consideration to its effectiveness and usability.
Effective: USB LOCK AP is the tool of choice if you need to prevent information loss due to the unauthorized use of USB storage removable drives, CD-RWs, and Floppy, without blocking other USB devices like printers, mice, cameras, etc.
It is suitable for either home or business use (in cases when the user is allowed to manage his or her own security). Its anti-hack security works as a Windows Service at the Local System level, allowing the program to effectively run even on computers with no privileges.
Easy to use: USB LOCK AP allows the user to authorize or restrict, at his or her convenience, the use of USB storage removable drives, all CD-ROM/CD-RW drives, and Floppy Disk drives from its very easy-to-use, password-protected interface.
From India
I do have software to protect the use of USB/DVD/CD RW/Floppy... But it would be a problem to implement it in all the systems of your company. Probably, if you have any system administrator, you can take his help!
Please find the description for the same and revert to me if interested!
Prevent information loss due to the unauthorized use of USB Removable Drives (Flash sticks, iPods, mp3, mp4), CD-ROM, CD-RWs, and Floppy. USB LOCK AP, with its simple and straightforward interface, has been designed with careful consideration to its effectiveness and usability.
Effective: USB LOCK AP is the tool of choice if you need to prevent information loss due to the unauthorized use of USB storage removable drives, CD-RWs, and Floppy, without blocking other USB devices like printers, mice, cameras, etc.
It is suitable for either home or business use (in cases when the user is allowed to manage his or her own security). Its anti-hack security works as a Windows Service at the Local System level, allowing the program to effectively run even on computers with no privileges.
Easy to use: USB LOCK AP allows the user to authorize or restrict, at his or her convenience, the use of USB storage removable drives, all CD-ROM/CD-RW drives, and Floppy Disk drives from its very easy-to-use, password-protected interface.
From India
With information stored in a variety of security levels and locations across the network, access rights are numerous. It is advisable for a company to maintain a document that lists each employee's access to the company's information systems.
One more thing is to image the employee's hard drive when they leave just for security measure. Computer forensics experts can obtain a "mirror-image" of a hard drive, and businesses can keep a copy of the imaged drive for a period of time. After suspecting that an employee is leaking information, experts can trace the activities that have taken place on his/her hard disk. This is what we call ediscovery.
From India, Mangaluru
One more thing is to image the employee's hard drive when they leave just for security measure. Computer forensics experts can obtain a "mirror-image" of a hard drive, and businesses can keep a copy of the imaged drive for a period of time. After suspecting that an employee is leaking information, experts can trace the activities that have taken place on his/her hard disk. This is what we call ediscovery.
From India, Mangaluru
Mr. Sachin,
It seems you don't want to share knowledge publicly regarding the subject topic. That's why you asked to contact on your email. However, this will be unfair to other people. You should share the remedy for this problem with everyone if you truly have the solution.
Purshottam Saini
From India, Calcutta
It seems you don't want to share knowledge publicly regarding the subject topic. That's why you asked to contact on your email. However, this will be unfair to other people. You should share the remedy for this problem with everyone if you truly have the solution.
Purshottam Saini
From India, Calcutta
Hello, I've taken all confidential information from the places where I have worked. The best way to do this is once you decide you're going to resign, before giving resignation, collect all data on pen drives, CDs, and take it home easily. As an employee, you have been given the right to use pen drives, DVDs, CDs, etc., so no one can dare, and no one did stop me. I have all information of my past work, whatever I did in my old company, which I can refer to in the future.
After collecting data, give a resignation letter, and no one will block your access. If they block it, they are shooting themselves in the foot because I will tell you only to block the access to pen drives, CDs. How do I take a backup for your future reference? So, if you have brains, you can do anything. I have brains, and I do as I please, hehehehehe.
From India, Pune
After collecting data, give a resignation letter, and no one will block your access. If they block it, they are shooting themselves in the foot because I will tell you only to block the access to pen drives, CDs. How do I take a backup for your future reference? So, if you have brains, you can do anything. I have brains, and I do as I please, hehehehehe.
From India, Pune
Agreed with Ken Ho's comments on the NDA (Non-Disclosure Agreement) or Ethical Policy. You may include/insert the terms (in more detail) in the "Exit Interview Agreement." It's not 100% guaranteed to prevent data leakage, but at least we've tried our best to avoid the possibilities. :icon1:
This is a universal problem that has no easily implementable solution. You cannot restrict access to CD writers, USB drives, etc., as most employees need those functions for their day-to-day work. If your organization has sensitive data, which might include customer lists, new software development, other "trade secrets," etc., then you must ensure that every single employee in the organization signs a non-disclosure agreement, preferably at the time they are hired, and it is included in all the other paperwork processed when they commence duties. Staff also need regular reminders about respecting confidentiality and privacy rules. If you employ staff whose duties include producing written materials, developing software, research, etc., then you need to make sure they sign agreements stating that any work they do for the company solely belongs to the company, and they relinquish all ownership of the materials or inventions, etc. Finally, at the exit interview, you remind staff of their obligations regarding confidential company materials and that the company will have no hesitation in taking legal action in the future to protect its property.
John in Oz
From Australia, Melbourne
John in Oz
From Australia, Melbourne
Dear Friends,
I want to create a Payroll Software in Excel. If this is possible, please send me different types of formats such as Loan, Advance, Tour Notice, Tour Reports, and many other formats.
Thank you,
Sunil P.
From India, Ahmadabad
I want to create a Payroll Software in Excel. If this is possible, please send me different types of formats such as Loan, Advance, Tour Notice, Tour Reports, and many other formats.
Thank you,
Sunil P.
From India, Ahmadabad
Hi,
For your query, Mr. Sayed has provided a partial solution. In today's situation, this problem is common across almost all types of industries. To overcome this issue or reduce the risk of security breaches, there is an international standard available known as ISO 27001:2005. If possible, obtain the standard and review it. For any further queries, feel free to contact me at +91 9881068608 or via email at [imcpune@gmail.com](mailto:imcpune@gmail.com).
From India, Pune
For your query, Mr. Sayed has provided a partial solution. In today's situation, this problem is common across almost all types of industries. To overcome this issue or reduce the risk of security breaches, there is an international standard available known as ISO 27001:2005. If possible, obtain the standard and review it. For any further queries, feel free to contact me at +91 9881068608 or via email at [imcpune@gmail.com](mailto:imcpune@gmail.com).
From India, Pune
Hi,
Please ensure that all systems in your organization do not have the facility to copy to any pen drive or CD. If anyone needs to copy data, they must obtain permission from their boss, and the IT team can assist in copying the data from the system.
Regards,
Kiran Reddy
From India, Delhi
Please ensure that all systems in your organization do not have the facility to copy to any pen drive or CD. If anyone needs to copy data, they must obtain permission from their boss, and the IT team can assist in copying the data from the system.
Regards,
Kiran Reddy
From India, Delhi
Shilpa, sorry if I am repeating any of the points already made. If the data leak risk is really valuable, nothing beats effective monitoring by IT professionals on the traffic flow, especially tracking the exit guy's usage in the past 15 days or so. However, nothing works as effectively as vigilance from the next 1-2 levels of management. That's the key.
In our organization, we follow a practice of disabling drives and have a strict policy of need-to-know basis. Implementing a single login ID for all systems will facilitate easy monitoring.
In our organization, we follow a practice of disabling drives and have a strict policy of need-to-know basis. Implementing a single login ID for all systems will facilitate easy monitoring.
Dear Shilpi,
It is not practically possible to stop these things, but you should ensure that all the data from your office is kept in a system, organized under different folders. Instruct all other staff members to remove the data immediately after completing their work. It is important to trust your employees, counsel them, and build their confidence. This is the only solution.
Goodbye and take care.
From India, Delhi
It is not practically possible to stop these things, but you should ensure that all the data from your office is kept in a system, organized under different folders. Instruct all other staff members to remove the data immediately after completing their work. It is important to trust your employees, counsel them, and build their confidence. This is the only solution.
Goodbye and take care.
From India, Delhi
Dear All,
I am a permanent resident of Manjunathnagar, Bangalore, and my family consists of 5 members. As per the Rules and Regulations mentioned in the Ration Card/Fair Price Shop, it states that we are entitled to receive 2 LPG Gas (Indane) cylinders per month. However, our Gas agent in Rajajinagar I block consistently delays delivery and only provides one Gas Cylinder per month. Our delivery record, which is signed, confirms that to date, we have only received one Gas Cylinder per month despite continuous telecalls, requests, and follow-ups. Additionally, he does not permit cancellation or transfer to our nearest agent. Can anyone help me resolve this issue?
Regards,
Gajendran
9845184701
From India, Bangalore
I am a permanent resident of Manjunathnagar, Bangalore, and my family consists of 5 members. As per the Rules and Regulations mentioned in the Ration Card/Fair Price Shop, it states that we are entitled to receive 2 LPG Gas (Indane) cylinders per month. However, our Gas agent in Rajajinagar I block consistently delays delivery and only provides one Gas Cylinder per month. Our delivery record, which is signed, confirms that to date, we have only received one Gas Cylinder per month despite continuous telecalls, requests, and follow-ups. Additionally, he does not permit cancellation or transfer to our nearest agent. Can anyone help me resolve this issue?
Regards,
Gajendran
9845184701
From India, Bangalore
So finally, I think with all your replies, it seems that no very effective solution is available. Either we can go for disabling using drives/common systems on which IT keeps an eye, or getting an NDA agreement signed. Thanks for your cooperation. If you come across any other solutions, I request you to share.
Thanks,
Shilpi
From India, New Delhi
Thanks,
Shilpi
From India, New Delhi
It depends on how you categorize. If you have a good IT team, you can restrict the access according to position and designation. Locking USBs, CD-ROMs, restricting the use of pen drives, or accessing personal email on the internet is not a solution. This will make employees feel insecure and lack confidence in the company/management.
It's basically a trust bond and how management makes employees feel comfortable. Also, giving employees an opportunity to share their views on the subject openly or through a common email ID that can be used as a suggestion box.
BABUDADA
From India, Mumbai
It's basically a trust bond and how management makes employees feel comfortable. Also, giving employees an opportunity to share their views on the subject openly or through a common email ID that can be used as a suggestion box.
BABUDADA
From India, Mumbai
Looking for something specific? - Join & Be Part Of Our Community and get connected with the right people who can help. Our AI-powered platform provides real-time fact-checking, peer-reviewed insights, and a vast historical knowledge base to support your search.