Employees are increasingly using portable storage devices (PSDs), such as USB keys and external hard drives in the workplace. With the attraction of PSDs user-friendly technical capabilities and physical characteristics, and the advent of online 'cloud' storage facilities, such usage will inevitably continue to expand. However, these technologies do not come without some problems.
The use of PSDs makes businesses' information increasingly susceptible to loss, theft and misuse. Of significant concern is the increasing incidence of employees using PSDs to take and copy from their employer private and business-sensitive information, without authorisation. A number of recent cases in the US have involved situations where former employees have taken thousands of pages of highly sensitive and confidential documents on leaving former workplaces.
In order to minimise this risk, employers should:
- prohibit staff from using privately owned PSDs at work
- introduce software and hardware controls to better regulate and ensure the safe and secure use of PSDs
- introduce measures to monitor and track the use of PSDs within the workplace and to ensure appropriate investigations into and responses to any loss of devices
- protect confidential information and intellectual property through well drafted employment contracts and confidentiality agreements.
Should sensitive information nevertheless fall into the wrong hands, employers can seek recourse for legal infractions through the courts. Courts may order forensic analyses of computer hardware, injunctions against employees, orders for delivery up of property and damages for violations of legal obligations, such as those in employment contracts.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
