Tech News

How employees can steal your sensitive data and try to mask the theft

Whether it’s your client list or client files, you have sensitive data on hand – how could an employee steal it, and how can forensic specialists recover it?

You and your team have data that must be protected

No matter your industry, you likely have information somewhere, be it a smartphone or laptop, that is sensitive. Maybe it’s credit card transaction data, perhaps it is client contracts or applications, maybe it’s something as simple as a confidential document shared casually between coworkers.

What happens if one of your employees leaves and takes your entire client list or attempts to cover up mistakes by altering documents? The good news is that all of this can be traced.

To find out how, we talked with Chuck Snipes, a computer forensics examiner at DSi, one of the nation’s leading providers of advanced electronic discovery and digital forensics services. As a former cybercrime detective and consultant in outside investigations and criminal cases, he often serves as a testifying expert witness and has extensive experience in cybercrime investigations, digital evidence and data recovery.

In his own words below, he will explain why not even deleted documents are unrecoverable, how forensic specialists like him find altered data, and how to handle the tricky topic of employees using their own devices at work:

Anything typed can be recovered

Did you know that almost anything you – or your employees – type on a computer or device can be recovered? Sure, you can delete files, but digital forensic experts can retrieve fragments of documents and use them to reassemble the information. Scary, right?

It’s not always a bad thing. For example, sometimes employees take confidential information – such as contact lists, accounting spreadsheets with proprietary formulas or organizational documents – with them to a new job. As a worried business owner, you can rest assured. That information is often retrievable, even if the former employees rename or hide the documents, and it makes for sound evidence in court.

So, what do you need to know to safeguard your company’s data? Let’s take a look.

What ways can data be altered or deleted?

  • The most common attempt to get rid of information is to rename a data file or change the file extension (e.g., from .doc to .jpg).
  • One can also alter data by compressing the file and password-protecting it, which renders the file almost impossible to access without the password. Key word: almost.
  • Those who are more technology-savvy might alter data by embedding text in a string of data or using encryption software.
  • Regarding deletion, many think that emptying the recycle bin on their computers permanently discards unwanted data. That’s not actually the case. Even if you run a deletion program, data may be retrieved, especially if your company keeps a log of emails and data at the server level to retain a trail of communications.
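
As an added illustration (not from the original article or from DSi): the renamed-extension trick in the first bullet is caught by comparing a file's leading bytes against well-known format signatures. The file names and contents below are constructed samples.

```python
import os
import tempfile

# Leading-byte signatures for a few common formats (publicly documented values).
SIGNATURES = [
    (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "ole2"),  # legacy Office: .doc/.xls/.ppt
    (b"PK\x03\x04", "zip"),                          # .zip and OOXML (.docx/.xlsx)
    (b"%PDF-", "pdf"),
    (b"\xff\xd8\xff", "jpeg"),
    (b"\x89PNG\r\n\x1a\n", "png"),
]

# Extensions each content type may legitimately carry.
EXPECTED = {
    "ole2": {".doc", ".xls", ".ppt", ".msg"},
    "zip": {".zip", ".docx", ".xlsx", ".pptx"},
    "pdf": {".pdf"},
    "jpeg": {".jpg", ".jpeg"},
    "png": {".png"},
}

def identify(header: bytes) -> str:
    """Return the content type implied by the leading bytes, or 'unknown'."""
    for magic, kind in SIGNATURES:
        if header.startswith(magic):
            return kind
    return "unknown"

def audit(root: str) -> list:
    """Walk root and report files whose extension contradicts their content."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            with open(os.path.join(dirpath, name), "rb") as fh:
                kind = identify(fh.read(16))
            ext = os.path.splitext(name)[1].lower()
            # Unrecognised content (plain text, encrypted blobs) is not a mismatch.
            if kind != "unknown" and ext not in EXPECTED[kind]:
                findings.append((name, ext, kind))
    return findings

def demo() -> list:
    """Build constructed sample files in a temp directory and audit them."""
    samples = {
        "vacation.jpg": b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1" + b"\x00" * 8,  # .doc renamed
        "photo.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 12,                      # real JPEG
        "clients.docx": b"PK\x03\x04" + b"\x00" * 12,                         # real OOXML
        "notes.png": b"%PDF-1.7\n",                                           # PDF renamed
        "readme.txt": b"plain text, no signature",
    }
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return audit(root)

if __name__ == "__main__":
    for name, ext, kind in demo():
        print(f"{name}: extension {ext} but content is {kind}")
```

A password-protected .zip still begins with the same `PK` signature, so this check identifies the container even when the contents cannot be read.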

How can digital forensic specialists find the altered or deleted data?

  • Computer forensic consultants use a combination of sophisticated hardware tools, software programs, training and experience to retrieve and unlock data, including password-protected files.
  • Even if users try to overwrite files on a hard drive, some fragments of the file may remain at other locations on the drive. Experts can take apart a forensic image of the drive and identify file fragments to reassemble the information.
  • A lot of information is stored in computers, and forensic professionals can usually see what a computer was used for, when it was used, what documents were accessed and when, as well as changes to the metadata (such as the title, subject or authors).
  • When a file is deleted, many people think it’s gone forever. It’s not. What’s erased is merely a pointer to the files, which tells the operating system to no longer include that information in file listings that the user sees. The content still exists on the hard drive until it is overwritten. This is also often true for items on mobile devices, like text messages.
  • Even if a wiping program is used, it can’t account for backup services, and forensic specialists can use software to detect whether such a program was installed and/or used. If so, backed-up copies of the deleted file can be accessed.
  • Even if the device is protected by thumbprint, forensic professionals can often access the corresponding iCloud account through legal process. The account typically has copies of everything.

What steps can you take to prevent employees from taking information with them when they leave your company?

  • Create a written agreement that lists the owner(s) of the data and provides guidelines for what data can and cannot be taken by an employee.
  • Be selective about who is granted access to company data – and segregate your data for different levels of access privileges. Keep a detailed log in place that includes who accessed which computer or device, what was done while using the device, when it was done and more.
  • Put written security guidelines in place that detail how data is to be stored and transmitted. Don’t forget to include guidelines for portable items that contain data, such as USB devices, laptops and smartphones.
  • Create and enforce an information governance (IG) policy, outlining what data to preserve and how to maintain it. Your IG policy should also specify a defensible deletion process for the data you don’t need. Information can’t be stolen or mishandled if you don’t have it, so don’t collect and retain sensitive information that you don’t need.

Can employers collect business information accessed by employees via personal devices, and vice versa?

  • Employers have the right to see what is on company devices. Yet, if a company wants to access personal information on company computers, it’s best to consult with an attorney before taking any action. To avoid complications, many businesses implement a policy that states there should be no expectation of privacy for anything accessed via a company-owned device.
  • Company information on personal devices can be accessed by the company, too. And many businesses have employed a specific policy for dealing with the Bring Your Own Device (BYOD) phenomenon.

How can companies manage BYOD issues?

  • Implement a data ownership policy that fully discloses company procedures and ramifications. For example, implement a policy that all devices must be controllable from within the organization. This grants the employer the right to monitor employees’ activities on the device, and it ensures that, should a device be stolen or an employee terminated, the IT department can remotely lock or wipe the device.
  • Allow only devices that will actually be used for company purposes to connect to the corporate network.
  • Ensure that all devices granted access to the corporate environment meet established security and policy requirements. For example, companies may require that portable hard drives or flash drives be inspected before leaving the premises to make sure no company data is removed from the building.

Creating and implementing a well-documented strategy for maintaining confidential information and having technological safeguards in place will make it much harder for an employee to steal data. In the event that an employee is able to sneak out data, the right logging and backup systems will enable forensic personnel to prove theft. When used as evidence in court, the proof of a theft may allow for retrieval of the information and sanctions against the person(s) who stole it.

The takeaway

Chuck Snipes outlines above the sensitive nature of data, and highlights just some of the ways experts like him can prove theft. If you suspect a former employee is accessing or has accessed, altered, or taken data, you’ll need to call in the experts. Contact Chuck at DSi to find out how they can strengthen your position and keep your data safe.

Remember that anything typed, saved, altered, transferred, or deleted isn’t gone forever – forensics experts know how to find it.

The American Genius is news, insights, tools, and inspiration for business owners and professionals. AG condenses information on technology, business, social media, startups, economics and more, so you don’t have to.

Daily Coding Problem keeps you sharp for coding interviews

(CAREER) Coding interviews can be pretty intimidating, no matter your skill level, so stay sharp with daily practice leading up to your big day.

Whether you’re in the market for a new coding job or just want to stay sharp in the one you have, it’s always important to do a skills check-up on the proficiencies you need for your job. Enter Daily Coding Problem, a mailing list service that sends you one coding problem per day (hence the name) to keep your analytical skills in top form.

One of the founders of the service, Lawrence Wu, stated that the email list service started “as a simple mailing list between me and my friends while we were prepping for coding interviews [because] just doing a couple problems every day was the best way to practice.”

Now the service offers this help for others who are practicing for interviews or for individuals needing to just stay fresh in what they do. The problems are written by individuals who are not just experts, but also who aced their interviews with giants like Amazon, Google, and Microsoft.

So how much would a service like this cost you? Free, but with further tiers of features for additional money. Like with all tech startups, the first level offers the basic features such as a single problem every day with some tricks and hints, as well as a public blog with additional support for interviewees. However, if you want the actual answer to the problem, and not just the announcement that you incorrectly answered it, you’ll need to pony up $15 per month.

The $15 level also comes with some neat features such as mock interview opportunities, no ads, and a 30 day money back guarantee. For those who may be on the job market longer, or who just want the practice for their current job, the $250 level offers unlimited mock interviews, as well as personal guidance by the founders of the company themselves.

Daily Coding Problem enters a field with some big players with a firm grasp on the market. Other services, like InterviewCake, LeetCode, and InterviewBit, offer similar opportunities to practice mock interview questions. InterviewCake offers the ability to sort questions by the company that typically asks them, for individuals with their sights set on a specific company. InterviewBit offers referrals and mentorship opportunities, while LeetCode allows users to submit their own questions to the question pool.

If you’ve really got your eye on the prize of receiving that coveted job opportunity, Daily Coding Problem is a great way to add another tool in your tool box to ace that interview.

Quickly delete years of your stupid Facebook updates

(SOCIAL MEDIA) Digital clutter sucks. Save time and energy with this new Chrome extension for Facebook.

When searching for a job, or just trying to keep your business from crashing, it’s always a good idea to scan your social media presence to make sure you’re not setting yourself up for failure with offensive or immature posts.

In fact, you should regularly check your digital life even if you’re not on the job hunt. You never know when friends, family, or others are going to rabbit hole into reading everything you’ve ever posted.

Facebook is an especially dangerous place for this since the social media giant has been around for over fourteen years. Many accounts are old enough to be in middle school now.

If you’ve ever taken a deep dive into your own account, you may have found some unsavory posts you couldn’t delete quickly enough.

We all have at least one cringe-worthy post or picture buried in years of digital clutter. Maybe you were smart from the get-go and used privacy settings. Or maybe you periodically delete posts when Memories resurfaces that drunk college photo you swore wasn’t on the internet anymore.

But digging through years of posts is time consuming, and for those of us with accounts older than a decade, nearly impossible.

Fortunately, a Chrome extension can take care of this monotonous task for you. Social Book Post Manager helps clean up your Facebook by bulk deleting posts at your discretion.

Instead of individually removing posts and getting sucked into the ensuing nostalgia, this extension deletes posts in batches with the click of a button.

Select a specific time range or search criteria and the tool pulls up all relevant posts. From here, you decide what to delete or make private.

Let’s say you want to destroy all evidence of your political beliefs as a youngster. Simply put in the relevant keyword, like a candidate or party’s name, and the tool pulls up all posts matching that criterion. You can pick and choose, or select all for a total purge.

You can also salt the earth and delete everything pre-whatever date you choose. I could tell Social Book to remove everything before 2014 and effectively remove any proof that I attended college.

Keep in mind, this tool only deletes posts and photos from Facebook itself. If you have any savvy enemies who saved screenshots or you cross-posted, you’re out of luck.

The extension is free to use, and new updates support unliking posts and hiding timeline items. Go to town pretending you got hired on by the Ministry of Truth to delete objectionable history for the greater good of your social media presence.

PS: If you feel like going full scorched Earth, delete everything from your Facebook past and then switch to this browser to make it harder for Facebook to track you while you’re on the web.

Google’s reCaptcha better secures sites, but comes with wild privacy risks

(TECHNOLOGY) Google has made some serious advances when it comes to reCaptchas, and they’re extremely impressive. Unless you value your privacy…

Check here if you are not a robot. If you are not a robot, can you read this nonsensical string of letters and numbers that looks like it’s been wrung out like a wet towel? Can you choose the picture of a car out of these nine street scenes?

Over the years, Google has come up with a number of ways to verify that internet users, especially when signing into accounts, are not, in fact, bots. The most up-to-date system, reCaptcha v3, stands to big up web security, but comes with some serious privacy compromises.

The new reCaptcha is invisible to the user. No more clicking through pictures of street signs and dogs. According to Cy Khormaee, product lead for reCaptcha, “Everyone has failed a Captcha,” but from now on, users will no longer have to worry about it.

That’s because the new reCaptcha v3 detects bots by analyzing a user’s navigation of the site itself. Unusual or malicious actions generate a higher risk score. Website administrators receive users’ risk scores, and can respond accordingly by, for example, requiring further verification from suspicious users.

This new method should make it much more difficult for bots to crack a site, because mimicking a whole string of human behaviors is much more complicated than breaking the old Captchas.

Over 4 million sites are still using the old Captchas, while 65,000 new sites are testing out reCaptcha v3. While some sites will display the reCaptcha logo at the bottom of the page, you mostly won’t be able to tell which sites are using the new service.

One major trade off is consumer privacy. As part of assessing a user’s risk score, reCaptcha v3 checks to see if you already have Google’s cookie installed – the one that allows you to open new tabs without re-signing in to Google. The logic is that, if you have a Google account, you are more likely to be a real person. The downside is that this means that Google is receiving data from every site you visit that uses reCaptcha v3.

And what will they do with this data? Google told Fast Company that reCaptcha gathers “hardware and software information, including device and application data” and that this data was used only “to fight spam and abuse.” They claim that data won’t be used to target advertising to users.

As of yet, Google’s Terms of Service does not include any language about reCaptcha. Once again, consumers have nothing more than the good word of the corporation to trust when it comes to their privacy.
