It shouldn't happen to an IT consultant
Spend your time doing business, not IT.
Monday 17 November 2008, 2:10 AM
Foiled by those pesky database administrators
The security industry has plenty of standard responses for protecting your business data: encryption, access rights, physical tokens, restricting the ability to export the whole database. Blah blah blah. I bet few SMEs actually do a fraction of that - and even if you do, you've still got to have the data accessible to employees, otherwise it's useless. And if there's access, there's a chance to copy and a chance to steal. You need to be smart. So let me at least share an easy way to catch a disgruntled employee with your data on their USB stick.
Cartographers and lexicographers among others have traditionally inserted false data in maps and dictionaries to catch rivals lifting their work. The same trick works for customer databases too; liberally sprinkle the database with friends' and families' contact details, substituting their names with false ones. Brief said friends and family to appear interested in doing business with anybody contacting the fake names, and ask they gather as much evidence as possible
This plan is best avoided if your organisation routinely phones customers but ignoring the odd junk letter or email shouldn't prove much of a burden for your loved ones. If your friends' contact details would stand out in a customer list, for example if all your customers are ship yards, ask a few trusted customers to help out using slightly modified names (such as different middle names).
It's a bit sneaky, and you'll have to take care to avoid letting too many people in the company know what's going on, but if the worst comes to the worst and you do lose the crown jewels courtesy of a disgruntled employee, it can save an awful lot of time and money by persuading the miscreant to cough quickly.
Cartographers and lexicographers among others have traditionally inserted false data in maps and dictionaries to catch rivals lifting their work. The same trick works for customer databases too; liberally sprinkle the database with friends' and families' contact details, substituting their names with false ones. Brief said friends and family to appear interested in doing business with anybody contacting the fake names, and ask they gather as much evidence as possible
This plan is best avoided if your organisation routinely phones customers but ignoring the odd junk letter or email shouldn't prove much of a burden for your loved ones. If your friends' contact details would stand out in a customer list, for example if all your customers are ship yards, ask a few trusted customers to help out using slightly modified names (such as different middle names).
It's a bit sneaky, and you'll have to take care to avoid letting too many people in the company know what's going on, but if the worst comes to the worst and you do lose the crown jewels courtesy of a disgruntled employee, it can save an awful lot of time and money by persuading the miscreant to cough quickly.
Previous
