Media headlines are meant to attract attention and this recent one certainly caught mine.
“All firms are vulnerable to IT theft”
The first paragraph also made for scary reading. “Huge damage has been caused to governments and private organisations by employees downloading or stealing often top-secret information”
The author Peter Cullen of Cullen – The Employment Law Firm cites instances of theft of information by employees. It seems no-one is immune though a July 2016 article in the Risk Management Monitor suggests that smaller companies are more vulnerable “because of the trust and empowerment given to employees.” Although this article is more about financial fraud, the same principles apply to any employee fraud.
This is why it’s important to have policies and procedures for managing your business-critical information no matter if you are a small businesses with just a few employees or a large government agency. The examples cited by Peter Cullen show the cost in time and money to rectify the loss and to recreate the stolen information.
It’s also important that in larger organisations with document management systems that staff actually use the systems and don’t store business-critical information on C Drives or on portable storage devices. How the use of document management system is encouraged or enforced will depend on the culture of the organisation. You can’t take a heavy handed approach that might have everyone thinking you don’t trust them; and trust is absolutely crucial to getting people using document management systems.