Ever more companies are protecting their information, seeking to prosecute those who steal from them and trying to deal with computer misuse in the workplace, say computer forensic investigators DataSec.
Ever more companies are protecting their information, seeking to prosecute those who steal from them and trying to deal with computer misuse in the workplace, say computer forensic investigators DataSec. Whilst criminal investigations provide most of the Hertfordshire-based firm?s forensic computing work, there has been an increase in the use of forensic computing methods in other areas. DataSec believes that commercial organisations will begin to rely on these methods more and more. The obvious reason for this is the increased reliance on computer-based
systems by companies and the increased internal risk as greater access is given to employees, says Adrian Reid, Managing Director at DataSec. Whilst the greatest perceived threat to business may be cybercrime, in reality, the employee remains the highest risk. Also, with recession looming there is increased risk through staff dissatisfaction caused by greater pressure on companies to constrain budgets, including IT security.
Current trends include some of the following: theft of information (such as databases) – sometimes taken by employees in order to set up a rival business; employees being dismissed following access to pornographic websites at work; sending of inappropriate emails; unlawful interception of emails for commercial gain; sabotage of company technical services; employer/employee disputes over document authenticity – forensic analysis required to compare versions of the same document; copyright infringement – employers alleging that employees have unlawfully used a computer-generated image or document; excessive cost to business through the distraction of non-work related internet and e-mail use by employees and in turn a greater tendency to consider monitoring services. Adrian Reid, Managing Director at DataSec, says: ?One obvious preventative measure for companies is to monitor their employee’s activities, yet the guidelines on these issues still require clarity. In our opinion there is scope to lawfully monitor staff, especially when the employer has good reason to suspect an individual’s misuse or criminal activity. This area is often new to employers and they only address the issues when they have to. This can expose a lack of suitable policy and might prevent a covert investigation. The majority of work we undertake is in response to
an incident rather than providing proactive, preventative services. We believe this situation will change as more employers realise the benefits of prevention rather than cure in terms of cost, image and employee relations.? See http://www.datasec.co.uk.
