How to Keep Company and Employee Information Safe

How to Keep Company and Employee Information SafeHow to Keep Company and Employee Information SafeRight now, someone within your company may be accessing confidential corporate information either dishonestly or by accident. In the news virtually every week, you read about large, well-known companies suffering from the loss of sensitive corporate information at the hands of employees. Given that Human Resource departments often hold the key to valuable corporate and employee information, the risk of data breaches presents unique challenges for HR. Fortunately, through simple and effective internal threat management procedures, HR can help prevent employee information leaks from happening to their company. unterstellung procedures will protect employees most confidential and valuable information from being exposed to unauthorized parties. Be aware of where critical employee information and corporate data are located and who has access to them.Develop an acceptable use policy for all em ployees that outlines appropriate use of corporate assets and employee information. The policy should also outline the company procedures when a violation takes place.Consistently enforce policies and procedures.Regularly review and revise existing policies to ensure all necessary policy changes and additions have been addressed.Ensure your company has an internal incident response plan and the appropriate resources in-house to handle an incident of employee information or corporate data loss or access by unauthorized employees or outsiders. What Not to Do If a Data Breach Occurs If the worst should happen and your company does experience a situation where sensitive data is leaked or lost, dont fall prey to common mistakes such as turning on an employees computer to check around. Turning on the computer or any electronic device involved may destroy eignung evidence. Here are ten common ways a computer forensics investigation is compromised. Company employees Boot Up the Comp uter Turning on a computer thats relevant to a case can overwrite sensitive files that may be important to your companys case and change important timestamps. Compromised computers should not be used at all and should be stored in a secure location until it can be handed over to a computer forensics expert. Turn Off a Relevant Computer If a computer is running at the time it is discovered to be relevant to a data breach or investigation, it should be powered down in a way that will be least damaging to potential evidence. The only person that should turn off a suspected computer is a certified computer forensics expert or an IT employee under the supervision of such an expert. Browse Through the Files on a Computer Resist the temptation to snoop, even with the best intentions. HR may know exactly where to look, but its the act of looking that causes problems for retrieving untainted evidence. Browsing through files may cause file times to change which may make it impossible to tell exactly when an important file welches deleted or copied from your companys network. Fail to Use a Computer Forensics Expert Your companys IT department is not a computer forensics department. In fact, asking the IT staff to conduct even routine checks into a systems files can destroy potential evidence. A professionally trained computer forensics expert should be retained for the handling of all sensitive data. Fail to Involve All Parties In-house counsel, IT staff, and every business player involved with the case should be included when conducting electronic discovery. Failure to involve all parties can result in overlooked or lost data. Fail to Learn the Lingo Even tech-savvy support professionals may become confused by the expanded vocabulary used by computer forensics experts. It pays to become familiar with the new language. Dont Make a Forensic Image of the Computer(s) Involved Imaging is the process in which you create a complete duplicate of a hard drive. This is done for the purposes of copying a complete and accurate duplicate of the original materials, with no risk of flawed or overlooked data. Copy Data in Cut and Paste or Drag and Drop Methods It is true that you can buy an $80 external USB hard drive and copy your data to it. However, this process does not preserve the unallocated space (where deleted files reside) and will change the file times and other data on the files that have been copied out. Wait to Preserve the Evidence The longer a computer is in operation without any preservation, the more likely that the data that is relevant to your companys situation may be permanently altered or overwritten. Always preserve your electronic data the moment you believe that litigation is possible. Fail to Maintain a Proper Chain of Custody Not documenting who had access to the electronic evidence after the alleged incident can lead to problems down the road. Opposing parties can poke holes in the collection and p reservation process. They can argue that the data could have been altered on the device while the computer was not securely stored and unused. You can protect the integrity of your corporate data and employee information for purposes of litigation, restoring and protecting against data loss. Just follow the rules shared here to maintain the integrity and not compromise the usability of your electronic devices and their stored data. - Jeremy Wunsch is the founder of HelioMetrics, a computer forensic and data breach investigation company.