Elvis was the star performer at your agency. He has just left the building for his next gig, but was he all that left on his last day, or in the days leading up to his final departure?
One of the greatest, and most sensitive, business challenges in the recruitment industry today is the time when a top performer, partner, or, for that matter, almost anyone cycles out of your agency. Not only are they leaving with their Rolodex of contacts, but there’s a good chance much of your firm’s data assets may be going along with them. Resumes of high-caliber, desirable candidates, client lists, PSL’s, and more have a casual way of leaving the building — along with Elvis, who may just believe they are rightfully part of his entourage and therefore part of his entitlement.
Even with binding agreements between the agency and an individual, it’s still incredibly difficult to prove that anything untoward or inappropriate has taken place – aside from the unnerving fact that Elvis is now fishing in your pond and eating your lunch.
There’s a far simpler way to have control of the situation of individuals leaving your agency than difficult conversations or, in extreme cases, legal action. That control is achieved through the proper security of your data assets. When we say proper security, we mean security which works both as a deterrent and as a safety net. After all, if someone left their store with the doors open overnight, can you really blame passersby for feeling like they had the right to help themselves? You can’t, that’s why the doors are locked and the security system is activated and in plain sight. When it comes to data, the onus is on companies to protect it in much the same way.
It’s an Inside Job
Much of today’s technology for online security is focused on cyber defense, and keeping unwanted visitors out of the network perimeter. However, in many instances data breaches occur through internal activities ranging from human error to outright data theft. It’s the equivalent of stock theft from a store, but only recently has the copying or theft of data been considered in the same light.
Technology exists today to encrypt data down to an individual file level, and to apply controls to audit the life cycle of activity a document or file on a network receives over the course of time. The capability to record not only who accesses a file, but also what they did with it — download, email, print, saved to a local drive, saved to an external device (such as a disk on key or USB device), copy, view, edit, rename, etc. — can all be recorded and managed as part of your data security policy.
Security Can Track Every Action
When a file is protected by this type of technology, the encryption can be extended even to files that have been sent to an external email, or subject to multiple forwarding. Any end-user or recipient who does not have the associated security software used by your agency cannot access the file attachment to open, download or view it. And what’s more, you can even recall an attachment from an email once a breach is discovered, even when multiple forwards have occurred. Combine this with user identity management and behavior controls, that tell you not only who, but the what, when and how, and you can audit not only the interactions with a given data file, but also achieve an auditable trail of breadcrumbs for an individual’s activity within your network – regardless of whether that activity is hosted locally, in the cloud, or a hybrid of both.
So, next time you bring in a star performer, or have one resign to move to another agency, or start-up their own shop, stop and think about what you should do to protect your agency from losing or sharing your invaluable data assets. The technology is available to secure your critical data assets, so that when Elvis has left the building you can feel confident that he — or she — leaves with their family photos, a potted plant, and their professionalism intact. That way, when they exit your stage, you’re the one in the position to say, “Thank you very much.”