Insider Risk and the Great Resignation: Preventing Critical Data Loss When Employees Leave

Here are some sobering facts about the risks of departing employees:

The ex-Pfizer employee is one of tens of millions of people around the world who have quit their jobs in recent months, as part of a global wave of departures called the “Great Resignation.” As the Pfizer lawsuit underscores, when people change jobs, they often take intellectual property with them. Most of the time, organizations have insider risk management programs, DLP products, and IT and HR processes in place for when employees are terminated. But are you ready for when the employee or contractor resigns?

Of course, not every person who quits their job will steal, lose, or misplace your data. But the fact remains that it’s quite easy for anyone with access to download, email, or move valuable IP to their personal devices or cloud accounts. In light of this growing phenomenon, the best defense is a good offense.

Due to the upheaval precipitated by the pandemic, people are reevaluating priorities, looking for more money or opportunity, different bosses, or to be closer to family or a more desirable location. The departing employees tend to fit into three types of “leavers:” those who are disgruntled or frustrated, ignorant of corporate policy and confidentiality agreements, or feeling entitled to the proprietary data and want to use it to advance at their next job. Just ask Pfizer.

  1. Prepare for potential data loss as soon as the employee or contractor was hired. If you wait until they resign, it’s too late.
  2. Make sure your security program and solution set give you visibility to employee interactions with data. The best insider risk solutions provide user monitoring and a granular timeline of user activity right up to the moment the employee leaves. This timeline should give you insight on web searches for new jobs or resume-writing tips, which are digital tells of a potential job-leaver.
  3. Don’t rely on detection of suspicious activity alone. Proactively prevent data theft with analytics that help identify risky behavior—for example, an uncharacteristic transfer of a massive number of files or copy/pasting of sensitive data from one document into another.
  4. Use existing investments in security, HR, and communication tools to inform the behavior analytical models, improve accuracy, and further enable proactive action.
  5. Integrate the behavior analytics (aka UEBA) and user activity monitoring (UAM) with data loss prevention (DLP) to automate security blocking policies before the breach or loss happens.

By bringing together proactive measures with analytics, user monitoring, and enterprise-wide enforcement policies, you can simplify data security and ensure the right program and tools are in place before and when any employee leaves. Don’t wait until the employee notifies their supervisor or HR to act. The health and viability of your organization depends on your ability to spot risk when employees resign and stop anything bad from happening before they leave.

We recommend the following strategy to mitigate the security risk of departing employees and contractors:

Visit Forcepoint Insider Risk Solutions for more best practices on mitigating risk and preventing data loss from the Great Resignation. Or schedule a demo with a Forcepoint Insider Risk Solutions expert. 

This post was first first published on Forcepoint website by Michael Crouse – PMP, ITPM. You can view it by clicking here