Data Security

Data on the Wild: Protecting Intellectual Property on Remote Workers

What’s on a remote worker's company-owned device? Everything. From the marketing department’s next quarter program, to the sales team’s target accounts.

June 13, 2018

A 2017 report from Global Workplace Analytics and FlexJobs finds 3.9 million U.S. employees, or 2.9 percent of the total U.S. workforce, work from home at least half of the time, up from 1.8 million in 2005 (a 115 percent increase since 2005).

As more and more American companies, startups, and individuals worldwide, promote remote work as a flexible alternative for their day-to-day tasks, they’ve turned to rely on mobile devices as lifelines to their home offices and the rest of their workforce.

In this effort to increase effectiveness, employers issue each new hire his or her own laptop and/or cell phone, which the IT department is tasked with tracking and maintaining.

Now what’s on these company-owned devices? Everything. From the marketing department’s next quarter program, to the sales team’s target accounts, to the company’s most valuable asset -- a list and contact information for current customers.

The Loose (Data) Ends Threat

Increasingly, companies are establishing guidelines for the mobile workforce. Not only do they outline how an individual is expected to behave as a representative, but they also detail what happens when these individual and the company part ways.

For the most part, people who leave for a better job with another company or those who simply retire part on good terms. All hassle is avoided, they turn in their mobile devices, all data is safe, and they move on.

However, an employee termination can be an entirely different story.

Avoiding a Termination Horror Story

Employees who are let go for cause can be angry, resentful, and feel that they have a score to settle with the organization and the people who have separated them from their paycheck.

If the former employee is angry enough, he/she may not be really motivated to return their company laptop. Even worse, they could have some malicious plan, like using any confidential material on the device to get a new job, or to strike out on their own.

This sort of situations can be extremely harmful to the organization's business and, due to the usual lack of regulations, it could escalate quickly to major intellectual property losses. Not only did the company lose a laptop, but they also may have serious concerns about the information of those laptops falling into the wrong hands. After all, who wants a competitor combing through their customer files?

Adding a Layer of Security to Data on the Wild

Before company-issued laptops, protecting a company’s intellectual property was the responsibility of the legal department … or maybe the joint domain of human resources and legal. Today, all that’s changed. The IT department has a big role to play in making sure company information does not fall into the wrong hands while it's out in the jungle, far from the company's internal protection.

Ideally, the HR and legal departments have created severance policies that protect both a company’s mobile devices and the intellectual property on them. This policy will explicitly explain what happens to a company’s property both hardware, software and content – when an individual is employed and when they are terminated. If an employee works in house on a company computer, this is easy enough to do. IT simply cuts off the employee’s computer access.

However, when a remote employee is terminated, their mobile device will still be in their possession. It’s up to the home IT department to incentivize the terminated employee to return the device, for example with a specific contractual bond and dissuasion tactics through a security software.

We have countless examples of this from Prey Business users, like one of our classic and most sensible user-stories, in which a known and respected medical employee took home a device with patient data information subject to HIPAA protections, plus financial data, to work during a holiday weekend.

What happened next? The worker faked his own death in an accident and proceeded to hide in Arizona's desert in a stolen RV, away from his family, with $8,000 in cash, PLUS the company's laptop with all sensible information in it. This was discovered by an MSP's employee, in charge of monitoring these devices and ensuring the data's security, when he retrieved webcam pictures and locations using Prey's evidence reports and took them to the police.

It goes without saying that the former employee was arrested, and the laptop recovered. In this case, Prey enabled the IT team to connect and locate the device; however in other instances, users prefer to use our Remote File Retrieval and Wipe Tool to secure the data and erase it from the rogue device altogether.

Dissuasion: The Key for a Double Recovery

Once a terminated employee finds he/she can no longer use the mobile device, they have a much bigger incentive to return it to their former employer, which would result in a double-recovery: data and device.

If they do not return it, at the very least, any sensitive information can be retrieved or removed if prevention measures were taken, thus protecting the company’s intellectual property.

We recently spoke to Ashville, NC-based Domco, a subsidiary of Novacor Consulting Group, which, as Novacor’s IT support group, tracks a mobile workforce and its devices as it moves across the Southeast United States.

Domco originally deployed Prey's Anti-Theft and management solutions to prevent the loss or theft of these devices, and it has been very helpful on that front.  However, what Domco particularly values about Prey is its ability to protect the company’s intellectual property, due to prior inconveniences with workers who wiped company data.

On the same Issue

Prey’s Kill Switch: Factory Reset vs. Remote Wipe

Learn about Prey’s Kill Switch features and the differences between comes to factory reset and remote wipe.

June 6, 2022
keep reading
What Is Remote Wipe and Why You Might Need It

Read why remote wipe is such an important security feature these days. Learn how to prevent your personal data from being compromised.

May 13, 2022
keep reading
The Complete Guide to Factory Reset

Sometimes, the easiest way to restore a device — and to help ensure that it doesn't escalate into a data breach — is to start over by resetting it to factory settings. Learn more about the importance of a factory reset within your fleet recicling plans or even as data security measure when an incident ocurrs .

April 28, 2022
keep reading
Data Breaches In Schools - What Measures You Should Take

Learn about the possible causes of data breaches, and the steps that schools and universities should take to manage a situation like this

April 26, 2022
keep reading