Last week we learned, thanks to a filing in Massachusetts Federal Court, that more than 100,000 documents had been stolen from chipmaker AMD by former employees who allegedly attempted to ferry the documents to rival chipmaker Nvidia. Assuming the allegations prove true, the blame can be assigned to any multitude of factors, but I would argue that institutional IT practices were, in part, at fault.
Simply put, in today’s climate of fierce competition, massive compact storage, and vast cultural acceptance of piracy, allowing employees to use external storage devices is a massive risk. I would argue that while blacklisting external storage devices from your corporate network and ditching burnable media can create headaches, it is worth the added security, in many cases.
Of course there are plenty of ways dishonest employees could steal documents. They could zip them up in a password-protected encrypted ZIP file and email the file to themselves. They could do it the old-fashioned way by printing paper copies. They could physically steal hard drives.
But all these approaches are easier to detect and require much more effort for the would-be thief. Simply put, many dishonest employees who might steal documents if it was as simple as a copy and paste operation would likely not commit themselves to such extreme efforts.
It seems that every year brings new reports of data loss in the private and public sector via USB sticks and burnable media. (See: Wikileaks Gives IT a Wakeup Call.) The madness will stop only when IT departments and employees accept a certain level of inconvenience in exchange for a stronger guarantee that an employee cannot easily and wantonly mass-copy proprietary materials off the network onto their media of choice.
With the rise of the internal storage cloud, there’s no real need for external storage devices or burnable media. In addition to being a risk to intellectual property and trade secrets, these devices also are a risk to security. Many of the more sophisticated recent pieces of malware have spread to workplace environments via infected USB devices.
But blacklisting external storage alone is not a one-stop solution. Network monitoring is equally important. You have to wonder how hundreds, let alone tens of thousands, of files could be transferred to an external storage device, without raising immediate red flags.
Thanks to the success of BYOD, it’s hard to prevent employees from attaching their tablets and laptops to your network -- and its files. (See: Reject BYOD for the Right Reasons, Not Out of Fear.) Without responsible tracking, BYOD delivers yet another route to data loss, by effectively offering employees a new kind of insecure, easily attachable storage.
Of course, these are just general guidelines. IT departments require unique permissions to do their work quickly and effectively. And it will be near impossible to regulate external storage devices attached to employee-owned BYOD hardware.
Smaller companies may have trouble tracking file transfers. In these cases, it may be most important to carefully store and back up network logs; at a later date, audits can spot suspicious file activity. External audits may be useful in spotting such suspicious activity, if your company lacks the dedicated resources to perform them internally.
With network monitoring and a concerted effort to replace insecure external/burnable media with cloud storage, you can deter most data theft plots. And if the worst case does happen -- an employee makes an attempt to steal your trade secrets -- you will be able to spot it and take action far faster and more discreetly.
— Jason Mick is senior news editor at the independent tech news site DailyTech.