Connect with us

Tech News

How employees can steal your sensitive data and try to mask the theft

Whether your client list or client files, you have sensitive data on hand – how could an employee steal it, and how can forensic specialists recover it?

Published

on

backspace delete button

You and your team have data that must be protected

No matter your industry, you likely have information somewhere, be it a smartphone or laptop, that is sensitive. Maybe it’s credit card transaction data, perhaps it is client contracts or applications, maybe it’s something as simple as a confidential document shared casually between coworkers.

What happens if one of your employees leaves and takes your entire client list or attempts to cover up mistakes by altering documents? The good news is that all of this can be traced.

bar
To find out how, we talked with Chuck Snipes, a computer forensics examiner at DSi, one of the nation’s leading providers of advanced electronic discovery and digital forensics services. As a former cybercrime detective and consultant in outside investigations and criminal cases, he often serves as a testifying expert witness and has extensive experience in cybercrime investigations, digital evidence and data recovery.

In his own words below, he will explain why not even deleted documents are unrecoverable, how forensic specialists like him find altered data, and how to handle the tricky topic of employees using their own devices at work:

Anything typed can be recovered

Did you know that almost anything you – or your employees – type on a computer or device can be recovered? Sure, you can delete files, but digital forensic experts can retrieve fragments of documents and use them to reassemble the information. Scary, right?

It’s not always a bad thing. For example, sometimes employees take confidential information – such as contact lists, accounting spreadsheets with proprietary formulas or organizational documents – with them to a new job. As a worried business owner, you can rest assured. That information is often retrievable, even if the former employees rename or hide the documents, and it makes for sound evidence in court.

So, what do you need to know to safeguard your company’s data? Let’s take a look.

What ways can data be altered or deleted?

  • The most common attempt to get rid of information is to rename a data file or change the file extension (i.e., from .doc to .jpg).
  • One can also alter data by compressing the file and password-protecting it, which renders the file almost impossible to access without the password. Key word: almost.
  • Those who are more technology-savvy might alter data by embedding text in a string of data or using encryption software.
  • Regarding deletion, many think that emptying the recycle bin on their computers permanently discards unwanted data. That’s not actually the case. Even if you run a deletion program, data may be retrieved, especially if your company keeps a log of emails and data at the server level to retain a trail of communications.

How can digital forensic specialists find the altered or deleted data?

  • Computer forensic consultants use a combination of sophisticated hardware tools, software programs, training and experience to retrieve and unlock data, including password-protected files.
  • Even if users try to overwrite files on a hard drive, some fragments of the file may remain at other locations on the drive. Experts can take apart a forensic image of the drive and identify file fragments to reassemble the information.
  • A lot of information is stored in computers, and forensic professionals can usually see what a computer was used for, when it was used, what documents were accessed and when, as well as changes to the metadata (such as the title, subject or authors).
  • When a file is deleted, many people think it’s gone forever. It’s not. What’s erased is merely a pointer to the files, which tells the operating system to no longer include that information in file listings that the user sees. The content still exists on the hard drive until it is overwritten. This is also often true for items on mobile devices, like text messages.
  • If a wiping program is used, it still can’t account for backup services, so forensic specialists can use software to detect if these wiping programs were installed and/or used. If so, backed up copies of the deleted file can be accessed.
  • Even if the device is protected by thumbprint, forensic professionals can often access the corresponding iCloud account through legal process. The account typically has copies of everything.

What steps can you take to prevent employees from taking information with them when they leave your company?

  • Create a written agreement that lists the owner(s) of the data and provides guidelines for what data can and cannot be taken by an employee.
  • Be selective on who is granted permission to company data – and segregate your data for different levels of access privileges. Keep a detailed log in place that includes who accessed which computer or device, what was done while using the device, when it was done and more.
  • Put written security guidelines in place that detail how data is to be stored and transmitted. Don’t forget to include guidelines for portable items that contain data, such as USB devices, laptops and smartphones.
  • Create and enforce an information governance (IG) policy, outlining what data to preserve and how to maintain it. Your IG policy should also specify a defensible deletion process for the data you don’t need. Information can’t be stolen or mishandled if you don’t have it, so don’t collect and retain sensitive information that you don’t need.

Can employers collect business information accessed by employees via personal devices, and vice versa?

  • Employers have the right to see what is on company devices. Yet, if a company wants to access personal information on company computers, it’s best to consult with an attorney before taking any action. To avoid complications, many businesses implement a policy that states there should be no expectation of privacy for anything accessed via a company-owned device.
  • Company information on personal devices can be accessed by the company, too. And many businesses have employed a specific policy for dealing with the Bring Your Own Device (BYOD) phenomenon.

How can companies manage BYOD issues?

  • Implement a data ownership policy that fully discloses company procedures and ramifications. For example, implement a policy that all devices must be controllable from within the organization. This grants the employer the right to monitor employees’ activities on the device, and it ensures that, should a device be stolen or an employee terminated, the IT department can remotely lock or wipe the device.
  • Allow only devices that will actually be used for company purposes to connect to the corporate network.
  • Ensure that all devices granted access to the corporate environment meet established security and policy requirements. For example, companies may require that portable hard drives or flash drives be inspected before leaving the premises to make sure no company data is removed from the building.

Creating and implementing a well-documented strategy for maintaining confidential information and having technological safeguards in place will make it much harder for an employee to steal data. In the event that an employee is able to sneak out data, the right logging and backup systems will enable forensic personnel to prove theft. When used as evidence in court, the proof of a theft may allow for retrieval of the information and sanctions against the person(s) who stole it.

The takeaway

Chuck Snipes outlines above the sensitive nature of data, and highlights just some of the ways experts like him can prove theft. If you suspect a former employee is or has accessed, altered, or taken data, you’ll need to call in the experts. Contact Chuck at DSi to find out how they can strengthen your position and keep your data safe.

Remember that everything typed, saved, altered, transferred, or deleted, isn’t gone forever – forensics experts know how to find it.

#DeletedData

The American Genius is news, insights, tools, and inspiration for business owners and professionals. AG condenses information on technology, business, social media, startups, economics and more, so you don’t have to.

Continue Reading
Advertisement
1 Comment

1 Comment

  1. Pingback: Retailers struggle as theft rises (and it's not kids pocketing things) - The American Genius

Leave a Reply

Your email address will not be published. Required fields are marked *

Tech News

Google begins evolving Hangouts into Google Chat

(TECH NEWS) Google is transitioning from Hangouts, and Meet to Chat to offer what they think consumers want. No more competing with themselves.

Published

on

Google chat

What is your favorite instantaneous way to communicate with your team these days? Phone call, text, video call, group text message, email, or instant message?

It might depend on the team members and their preferences, but organizations and business owners run the gamut on IM (Instant Messaging) software: Slack, Skype for Business, MS Teams, and Google Chat to name a few. There have also been several that worked well for smaller companies and startups like HipChat by Atlassian. These are often used in addition to still meetings, conference calls, and emails but depending on the culture of the organization, they may love IM, and require it to have a wider range of capabilities that just copy (i.e. photo and file attachments, groupings, privacy settings, focused team, or group channels)

To be fair, there are varying degrees of interest by employees in instant messaging. Some love the idea that you can quickly reach out to a coworker and ask a question, and some find it bothersome and would prefer an email so they can file and sort topics easily (or if it’s really that quick, a phone call or stopping by to ask – if they are in the same space – not COVID-19 alternative working).

This begs the question, does IM allow for more remote working capabilities, and does that mean Google is on to something that they may have just hit the right time and need? The truth of email is that we are becoming less and less interested in reading long forms of copy, and want the information quickly.

Google consolidated their people working on communications tool to one team and is moving Hangouts to Google Chat as well as quickly integrating Google Meet for everyone (you can start a video meeting from within your Gmail, so think Zoom but not having to leave your email – assuming you’re on the G-suite).

If timing is everything, this could be a really smart move for them. Do you even remember Google Hangouts? This was a product launched originally as a feature of Google+, and then became a stand-alone product in 2013. It incorporated video and voice call capabilities for individuals or groups. The thing is, in 2013, I think many people were still using IM through their work email (which was dominated by Microsoft Outlook and PCs). For whatever reason, people just weren’t really using it that way. Most likely people could use it with their internal teams, but would have to use Chat for external users.

The history of Instant Messaging is kind of fun to review – starting with AOL in 1997 when they launched AIM. Now pretty much every platform has a version of the instant message, and people are extremely accustomed to short exchanges and ways to reach out quickly. People frequently use text, Twitter, iMessage, GroupMe, and Facebook Messenger among other ways to quickly reach out, break through the clutter, and hopefully hear a response back pretty quickly.

It appears that Google hopes to offer the capabilities that their users need – when they realized it seemed that business users were using Chat within their organizations, but having to use Hangouts to speak to those outside of that company. Right now, this is only for business users, but they are likely to see how to roll it out to all customers now that they’ve added the Meet capabilities.

According to Android Police, “Furthermore, it’ll soon be possible for G Suite users to message other G Suite users from outside their organization starting May 26. Anyone not in your company will have an ‘External’ label next to their name in the Google Chat UI so there’s no confusion. You’ll also be able to add any contacts to group chats so long as you designate them as ‘External.’ This will only apply to new rooms, though — any you’ve already created will have to remain internal-only rooms.”

It looks like Google is working on getting rid of Hangouts for good, and broadening Google Chat, but there could be some other products in the meantime. Will this change how you use your G-suite?

Continue Reading

Tech News

A look into why AI couldn’t save the world from COVID-19

(TECH NEWS) AI is only as powerful and intelligent as the teams building it, but we just don’t have the data yet. So perhaps, we just aren’t there quite yet.

Published

on

COVID-19 AI

Even in the best of times, the human race can hardly be defined by our patience in the face of uncertainty. COVID-19 has rocked our feelings of safety and security. Hospitals have struggled to keep up with demand for care, and researchers are working tirelessly to create a vaccine. Early on in the fight against this virus, some looked to artificial intelligence technology to lead the pack in finding a solution to the global health crisis, but science takes time and AI is no different.

Over two months ago, when COVID-19 was still most prevalent in China, researchers were already attempting to use AI to fight the virus’ spread. As Wired reports, researchers in Wuhan, China attempted to screen for COVID-19 by programming an AI to analyze chest CTs of patients with pneumonia.

The AI would then decipher if the patient’s pneumonia stemmed from COVID-19 or something less insidious. This plan failed for the same reason many pursuits do – a lack of time and data to pull it off.

The United Nations and the World Health Organization examined the lung CT tool, but it was deemed unfit for widespread use. The lung CT tool, and all other AI driven projects, are limited by the humans designing and operating them.

We have struggled to collect and synthesize data in relation to COVID-19, and as a result tools, like the lung CT scans, cannot hope to succeed. AI is only as powerful and intelligent as the teams building it, so perhaps, we just aren’t there quite yet. Our tenacity and optimism continue to drive AI forward, but progress can only be sped up so much.

Like all science, AI has its limitations, and we cannot expect it to be a miracle cure for all our problems. It requires data, experimentation, and testing just like any other scientific pursuit. There are many problems to unlock before AI can be a leader in the driving force for positive change, but its shortcomings do not outweigh its potential. AI couldn’t save us from COVID-19, but as researchers continue to learn from this global event, AI may still save us in the future.

Continue Reading

Tech News

Chrome can now group and color code your open tabs

(TECH NEWS) Do you have too many tabs, and can’t tell what’s what? Google has tab groups that make it easier to find what you’re looking for.

Published

on

google tabs group

Are you a tab collector? That’s Google’s name for people who have tabs upon tabs upon tabs open on their Google Chrome browser. And while third party apps are already available to help collectors manage tabs, Google is now stepping in with Tab Groups.

Tab Groups, try it here, allows users to color-code, group and add text or emoji labels to separate clusters of tabs in their browser.

Right-click on any tab and choose Add to New Group. A gray dot will appear to the left of the tab and outline it in the same color. Clicking on the dot lets users update the color, label and name the group. Once grouped together, the tab groups can be moved and reordered. They’re also saved when Chrome is closed and reopened.

Google said after testing Tab Groups for months, they noticed people usually arranged their tabs by topic and that appeared most common when people shopped or were working on a project.
“Others have been grouping their tabs by how urgent they are, “ASAP,” “this week” and “later.” Similarly, tab groups can help keep track of your progress on certain tasks: “haven’t started,” “in progress,” “need to follow up” and “completed.”

Of course, this new feature does nothing to dissuade users from opening too many tabs, despite research that says multitasking may change the structure of your brain and Chrome is notorious for using too much RAM. So now you can’t concentrate, and your computer is running hot and slowing down.

A solution? Use Chrome extensions such as The Great Suspender, which suspends tabs that have been inactive for a specific amount of time. Don’t worry, you can whitelist specific websites so if you always need a tab for Twitter open, it won’t be suspended.

Another tip is to focus on one task at a time using the Pomodoro Technique, breaking tasks and your workday into 25-minute bursts of productivity with five-minute breaks in between. FocusMe uses a timer and website blocker to reduce the risk of getting distracted. You’re on the internet, after all.

Continue Reading
Advertisement

Our Great Partners

The
American Genius
news neatly in your inbox

Subscribe to our mailing list for news sent straight to your email inbox.

Emerging Stories

Get The American Genius
neatly in your inbox

Subscribe to get business and tech updates, breaking stories, and more!