Do you know what industrial espionage costs U.S. businesses each year? I didn’t know either, however I just read an article that blew my mind.
According to Symantec, industrial espionage costs U.S. Businesses $250 billion each year. This is not just large enterprise businesses either. According to Symantec, targeted cyber-attacks saw a 42 percent increase in 2012 with 31 percent of those attacks aimed at businesses with less than 250 employees. That is phenomenal! Hackers are attacking everyone.
There has been a lot of media buzz about IT security threats and data theft this year, yet most of it is about external threats. China, Russia, and Eastern Europe have been all the hype. With all the media coverage and buzz, we often overlook one of the most popular intellectual property thieves: your employees.
Symantec says the average Intellectual Property thief is:
- A current employee
- 37 years old on average
- And they are employed in a technical role
Symantec also says that in about half the cases the employee stole trade secrets, followed by business information such as billing information or price lists. In other cases it was source code or proprietary software, as well as customer information or business plans. In 75 percent of the cases the thief had authorized access to login and find the information they wanted. The thefts typically occur during working hours at the work site.
About two-thirds of the time, the intellectual property thief has already secured employment somewhere else and in some cases has already given their employer notice. Just think, the thief was employed by you, accepted another job and was taking all your confidential information before they departed your company.
“Do you trust your IT staff more than your attorney?”
I want you to really think about this one- who has access to all of your company’s confidential data? Your IT staff. Most likely your IT staff can login to your email and read anything they want. They can login into your accounting software and see detailed client accounting information or get into the payroll system to see payroll data. They can find patent information and they can find employee and customer data (i.e. Social Security numbers, bank account info, etc.).
In reality, most IT staff has your life and business in the palm of their hands. If there is anything they want to find out about you, your business, or your employees… they can.
Could it be that your IT staff knows more about you and your business than anyone – including your attorney? There is one key difference between the two professions: your IT guy doesn’t have an oath or code of ethics and your attorney does. Your business may have a confidentiality agreement or a non-disclosure agreement of some sort with your staff, yet that’s not a fix if the data is already exposed. You really don’t think about how to protect yourself with best practices until something really important is leaked. Then you realize what other steps may be necessary to help protect your data and company.
How do you protect yourself against this? One solution is to work with an IT company that has the correct business processes in place to help minimize this from happening. Businesses all over the world are switching to a managed IT model versus having so many IT staff onsite to keep things running. More and more companies are realizing the importance of keeping highly-skilled staff focused on how to make their productivity software hum rather than dealing with server, storage, security, network issues, etc.
So what’s the best way to minimize IT security threats?
Work with a technology company that has experience implementing a solution that oversees your environment in real time, rather than an annual check-up/audit, and have a managed IT services partner that can help you improve password protection and administer access to various levels of secured data.
Overall, as a business, you are putting yourself in a better position by working with a managed IT services provider vs. having onsite IT staff dealing with low value tasks. These low value tasks accrue which leaves minimal time for them to keep up with the necessary technology certifications and best practices.
Companies who utilize our managed services program often find they receive better service and minimize risk – I think this is one of the reasons our managed IT services practice grew over 40 percent last year. Clients often feel they receive greater service and feel their IT requests are treated as a high priority, not as an inconvenience.
