When I’m sitting in the bus, I am always amazed at the numbers of people plugged in to iPhones, iPads and laptops – me too right now, as I am writing this blog, but it raises a concern in me for SMEs around the country – what is happening to all the information – the data being accessed, created and changed?
In this world of instant access and needing to do more with less time, our teams often work on the way to and from home, at home and even on holidays. For most businesses, this is a huge advantage as this is often discretionary work time and effectively unpaid – but what happens when employees resign or you need to terminate them either through redundancy or performance?
Have you collected the laptop, the files sent to the home email address, the USB sticks, the hard and soft copy files, the mobile messages not deleted…?
Have you changed the passwords, the security code to the building, have you collected the keys to the office? In most cases, the answer is some but not all. Do they still have a copy of the code of your latest app? All they need to do is rebuild it, because, hey, you didn’t say they couldn’t even if it is poor form!
Are your employees educated on the need to protect all company information when offsite, for example working on the bus or train. Are they aware of who is sitting next to them on the bus or who is listening to their mobile conversation about a client and the issues – by name, yes, there are some conversations that I could quote verbatim.
Here are five tips to protect you and your business:
- have a written exit process
- have a list of all equipment supplied to an individual and have the employee sign for it – once it’s returned it can be checked off
- have a policy detailing protection of intellectual property and company-owned equipment – have a clause in your employment contracts about this
- complete an exit interview with employees who are leaving to learn about their experiences but also to reinforce their obligations post leaving the business
- all employees should know the company policies – get them to confirm this in writing
You have worked too hard to let your critical data walk out of the business unprotected – not to mention the obligations that you have to your clients to protect their information