IT needs to get vigilant on staff data theft

There's been a couple of notorious cases of data theft in recent weeks.

There's been a couple of notorious cases of data theft in recent weeks.

There was the case of Vodafone Australia staff allegedly selling log-in details to access millions of customer records.

And Telecom New Zealand reportedly found its Wireline database being used by rival Slingshot.

The Telecom/Slingshot case certainly highlights the value of such data, with Slingshot claiming to be the fastest growing telco in New Zealand, gaining 160,000 customers in two years.

No wonder Telecom New Zealand is unhappy about such breaches as Slingshot staffers allegedly using the database to take customers.

Obviously somebody is behaving unlawfully and unethically somewhere: certainly, in Vodafone Australia's case, staff have been fired.

In the past week, Deloitte in New Zealand warned that data theft was on the increase and it too noted the culpability of staff.

The use of portable devices like USB sticks and the use of social-networking sites makes such theft easier.

The economic downturn has also led to disgruntled employees helping themselves to information to their own advantage or getting back at a former employer.

By far the most typical situation was people taking information such as client details to a new company, forensics partner Barry Jordan said, adding that "people are not seeing it as a crime".

Indeed, Auckland-based Computer Forensics confirms that staff are behind many of the data loss incidents.

There are various tools IT departments can use to help detect such crimes, ranging from software to a simple keystroke logger like the Christchurch-made KeyGhost.

And people do get "caught", even if many employers might prefer to deal with the matter internally to avoid any embarrassment.

Certainly, as recent cases have shown, companies need to keep an eye on their staff.