This interview, How To Protect Company Data When Laying Off Remote Workers, originally appeared in SHRM Online, the publication for the Society for Human Resource Management, where BIA’s Brian Schrader talks with Roy Maurer about what employers should do to protect company data when letting remote workers go. In a lockdown period when so many have made the sudden switch to working from home, or otherwise find themselves holding their company’s devices, these data protection considerations are more important than ever.
Brian describes steps companies should take at or before an employee’s exit: disabling the employee’s accounts and access to systems, both electronic and physical; targeting and wiping company data that may reside on the employee’s personal laptops, phones, or tablets; providing all shipping materials for sending company devices back as quickly as possible; holding returned devices for at least 3 months before reissuing them to the next user; and deciding whether to forensically image returned devices as an extra precaution.
Forensically imaging devices may be necessary when extra-sensitive information or data from high-level employees is at stake. If there’s suspicion of data theft, harassment claims, criminal conduct, or other inappropriate behavior by an employee, a forensic audit of that employee’s data may be warranted. Digital investigations by forensic experts will analyze all files, deleted documents, and system information for how (and at what date/time) any data was transferred or bulk-deleted, whether suspicious software was added (or removed), whether any online repository systems were accessed, and more. If the company is ever involved in litigation, the employee’s data could be collected as part of discovery.
In the interview, Brian explains how the U.S. differs from other jurisdictions in that the employee generally has no privacy right to data that they put on a company-owned device or system.
Well-crafted and well-communicated policies can save your data.
Best practices for company data protection start before the employee’s exit, or even before the hire. BIA strongly recommends establishing company policies specifically relating to data theft and data retention. Many employees mistakenly think the data they create and manage on the job belongs to them, but it’s also up to the company to create, and make clear, its policy on data theft. Indeed, many employees suspected of committing data theft do not realize they have violated a company policy.
Your policy should state clearly what data the company owns, how the company protects and secures that data, and what the company expects of employees. Having employees sign agreements about these policies—preferably when hired, but even during the course of employment—and conducting employee questionnaires upon departure about data storage, device usage, and encryption passwords will help your company identify and remediate company data. Upon exit, the employee can follow clear processes, and the company can make an informed decision about performing a digital forensic audit.
Leave it to the experts.
The experts at BIA are pioneers in the field of digital forensics investigations. We assist clients every day with computer forensics, mobile phone and smart device investigations, and any other type of digital forensic audit. We can analyze your systems for hidden data, obscured activity, and other digital objects that relate to any possible evidence in your legal case, investigation, or regulatory matter. We also have legal experts who can advise you about everything we find—or everything you suspect is missing. Whether your employees are WFH, WFW, or WFBeach in Cabo, BIA can help you construct corporate data policies, navigate remote layoffs, and prepare for any future discovery or other legal consequences.