Tips to prevent data pilfering

Have a mobile security policy to mitigate security risks by preventing staff from walking away with confidential company data, says security expert.

Carrying 640 reams of paper out of the office may raise a couple of eyebrows but not 16 gigabytes of data right in your pocket.

That is why companies need to have a mobile security policy to ensure that employees do not leave the office with confidential or vital company data, said IT security vendor Check Point.

The proliferation of portable storage devices, such as the flash-based thumb-size USB drive, is making it easier for employees to steal company secrets. If left unchecked, it could snowball into a serious problem for companies.

"Many can now carry 16 gigabytes around with them in their pockets--which compares with 640 reams of paper in your pocket. At this estimation, it's not surprising they can become a serious security risk," Martin Allen, a spokesman for Check Point, said in a statement Friday.

Check Point highlights four areas to consider when rolling out a mobile security policy to prevent company data leakage.

1. Educate staff
Ensure that employees are aware of the security and legal implications of downloading sensitive or competitive information.

2. Leave no one and nothing out
Include the management of all mobile devices in your security policy and specify that all staff have to sign the security policy. This is to ensure that they will not download sensitive or competitive information, nor will they use this information to take to their next job. Don't forget to have the appropriate software to enforce the policy in place.

3. Prevention is better than cure
Secure computers with efficient and cost-effective software, if you have sensitive information that you do not want downloaded, and encrypt all USB storage devices that are connected.

Use encryption software that does not impair the use of the device and make sure employees cannot by-pass the encryption. Therefore, it needs to be transparent to the user, and also quick and easy to use.

4. It works both ways
Remember that security is a two-way process; you need to have your staff on your side. Therefore, complement sensible and workable policies with centrally controlled security technology, and build trust and understanding with employees.