Tightening the Loose-Ends Around Data Confidentiality

From water cooler chit-chatting to butting heads over data thefts, the issue of confidentiality and transparency has transfused a reasonable debate into our workplaces. 

Many employees succumb to the temptation of reading one version of their company’s code of ethics and practicing another. And we couldn’t blame it entirely on them. While most of these IP-protection safeguards are copy pasted from dubious sources, little is done both from the employer’s and the employee’s end to ensure these guidelines meet acceptable ethical standards or are even understood to begin with. The to-do list seldom recommends factors that the company considers critical. To make the matters worse, rather than being proactive about the issue, organizations tend to rely on the punishments for deviant behaviors and the employee is left ruminating— “Having known the competitive value of company secrets and following consequences of a leak, would I still go ahead and take the chance?”

For most of us, the answer would be a sure short —No! Provided you have a hidden streak of masochism and you wish to get perpetually blacklisted, pay unaffordable settlements, or worse, go behind bars. For a few others, however, the pinch of vengeance supersedes their common sense. Our courts are brimming with cases that show vengeful doing on part of workers to draw blood from their pay-masters. From copying information to thumb drives, anomalous email correspondences, untimely accessing company data, provoking peers to join in the act, staying in touch with rival companies, showing a tendency to steal classified documents to causing damage to existing information flow, they have crossed the line far more than they should ever have.  

A former Apple employee, Xiaolang Zhang, was charged with stealing the self-driving car circuit board plan. He had planned to work for a Chinese self-driving car start-up and was running away with the secrets. Elon Musk, the CEO of Tesla, filed a lawsuit against the former process technician, Martin Tripp. The former employee had hacked the company’s trade secrets and information and went ahead to transfer it to third parties. And all this, because he was reassigned to a different job. 

And it doesn’t end there. The symptoms are indicative of an upcoming resignation with a possible information cross-over to the unadvised rival territory. It’s easy to lose sight of what should be done let alone how. If that is the case, we suggest you take a look at our easy-to-apply guide on preemptive measures for reducing data thefts:   

• Perform a risk analysis to identify theft prone classified information.
• Stack confidential information as per an order of significance.
• Build data supervision centers.
• Create electronic access limitations for people employed on an ad-hoc basis.
• Insert understandable confidentiality clauses in employment agreements, policy memorandums etc.
• Limit handheld device usage within official premises.
• Audit the policies regularly.
• Conduct employee training on the issue for a lasting understanding of the subject.
• Cut access to email accounts for outgoing personnel.
• Store email accounts of departed employees for possible future investigation.
• Scan employee devices of exiting professionals to ensure adherence to company policies.

The entire exercise is a practice; it doesn’t end at incorporating stringent sounding measures. The human resource practitioners should intervene in cases when they see trouble coming. Their plan should ideally comprise of the following:

• Communicating employees their post-employment obligations. For a subtle delivery of the message, the same could be conveyed through a notice letter.
• Getting the staff to submit a hand-written declaration of not passing insider info into wrong hands.
• Agreeing on additional terms and conditions to position company motives atop, stating post-employment restrictions.

With a clear stand on such issues, both the employer and employees could have an amicable, no matter the quality of heretofore, association.