Unhappy employees could leak firms' information
Private companies need to take note of such discontented staffers. According to a research by Symantec India, most of the confidential and classified data in private companies is done by employees.
"Most enterprises have faced a cyber attack and suffered losses due to it. The report shows that on an average an Indian enterprise loses Rs 60 lakh every year due to data theft or loss. This could go up to Rs 84 lakh loss in productivity," said Vishal Dhupar, Managing Director, Symantec India. Use of smartphones, PDAs and notebooks where employees could store classified official information and also use it for work could be under threat if proper security measures are not taken, Dhupar added.
In the research, 59 percent of 100 companies from various sectors like telecom, hospitality, manufacturing, retail and technology feel that employees put the company's security at stake by infiltrating information about the company.
The report says that around 42 percent companies have lost proprietary data. "In most cyber crime cases reported, it was found that the accused was an employee unhappy with his organization," said D Sivanandhan, Mumbai police commissioner at a conference on cyber safety.
"In many cases, low-paid employees share classified information for money. Also, a disgruntled employee could do it to get back at the company," said Sumit Chaudhary, Chief Information Officer, Reliance Communications. "In many cases, employees shared information without knowing that it was classified or without knowing the consequences of their act," he added.
Communication through social networking sites, instant messages services and blogs could lead to malware attacks. Nearly, 82 percent of Indian companies use facebook for business communication and nearly 69 percent do not exercise policies to control the social networking sites. One of the worst attacks had happened when the private organizations were affected by a Trojan called Hydraq.
According to Symantec, confidential data or risk reduction could be done by creating a congenial atmosphere at the workplace by adopting Data Loss Prevention measures like discovering the data, monitoring it and then protecting using security software and mechanisms.