Data Security and the Disgruntled Employee

Disgruntled Employee

It happens. An employee either quits or is let go, and impulse sets in to “right a wrong.” A Disgruntled Employee can pose a significant risk to your organization if rebellion is on their agenda. After all, they have access to sensitive company info such as business dealings, contact/vendor info, passwords, and company account info; you name it.

With that said, you’re probably wondering what damage can come from this situation? Well, the long and short of it is… Plenty. This can mean anything from deleting or corrupting sensitive files on a server or drive, sending out inappropriate emails through their company account, and disclosing trade secrets, among other things.

What can you do to enhance your data security to thwart a Disgruntled Employee?

The first and most important thing you can do is prepare for the worst-case scenario. Unfortunately, there is no way anyone can predict how an employee will react (or retaliate) when a company parts way. Still, by proactively anticipating things could go south fast, you can keep the damage to a minimum.

What other ways can you maximize data security?

  • Require non-disclosure agreements when employees are working with highly sensitive information. This creates legal hurdles should they decide to go rogue.
  • Set expectations for how the company’s data will be utilized by employees and the repercussions for breaking these standards. An example of this could be bringing personal USB drives from home and connecting them to the network. By connecting it, there is the risk it could cause a security nightmare if the drive has a virus or could allow for sensitive information to be stolen.
  • Protect devices by encrypting those that store the company’s most sensitive data. If an employee tries to tamper with drives or storage, this will help get things up and running quickly.
  • Monitor user behavior and look for suspicious activities. Look for red flags. Disgruntled employees tend to either act out or become very sneaky when planning something.
  • Make sure user permissions are only given for necessary tasks, and quickly disable accounts that no longer need to be used. The sooner you disable this employee’s accounts and access, the better. Some have even advised suspending these accounts during a termination meeting.
  • Use Mobile Data Management that allows you to wipe out or disable a laptop or a mobile device remotely.


Posted in Uncategorized