Article
One: Recruitment Consultancies and Industrial Espionage – It
Could Happen to You! By The Internet Group
Industrial espionage refers to the non-authorised examination of corporate publications and websites to determine the activities of a company, through illegal methods including technological surveillance, bribery or blackmail.
Industrial espionage is a very real threat in today’s commercial world. Nowadays, information can make the difference between success and failure; a trade secret will level the competitive field or even tip it in favour of a competitor. However, what sort of threats can you - as a recruitment consultancy - realistically expect to face, and which measures can be put into place to prevent these?
This article looks at the concept of industrial espionage in the context most relevant to recruitment companies, where the perpetrators intentions are to set-up their own business or provide intelligence to a competitor. In short, it looks at the theft of a company’s intellectual property. Being a ‘people business’, some recruiters feel that - having nurtured a relationship with a particular client - they have reserved the right to take this information / relationship with them when they leave their existing employer. Please find below some areas that will alert you to some existing risks and threats to your business, and advise you on simple but effective precautions to protect yourselves.
Let’s take a look at a few common threats faced by recruitment consultancies.
Database theft
Database theft is probably the first point of action from rogue recruiters. Databases “borrowed” from a past employer have commonly been used to help set up new businesses, but they have also been used to supply rival organisations with contacts and other sensitive information that are critical in the talent resourcing space.
Very simple measures can be put into place to help protect a company against database theft. For instance, the locking down of USB ports on all workstations instantly prevents users from being able to use devices such as USB sticks or MP3 players that may be used to download and transport data. Be under no illusion that everyday devices such as iPods are essentially hard disk drives that can be used to copy huge volumes of any sort of electronic data!
Companies with high volumes of sensitive information should therefore consider the level of privilege access that each employee has on the IT infrastructure of the organisation. For example, that may mean that only relevant folders and programs on the company server are available to each individual. Another example might show that staff working remotely - from home or on assignment out of the office – don’t need to access the whole network. In which case, wouldn’t it make sense to only let them see the files and programs they actually need to work remotely?
Another good idea is to include “trigger” data within your database. The contact details of a trusted business or friend won’t of course prevent data being stolen, but it will immediately make you aware if it has been stolen if that person is contacted by anyone other than you.
Email
Email has proven another popular medium to communicate confidential data to the outside world. In order to prevent this, cautious organisations should organise the monitoring of all inbound and outbound emails – and of course make sure that all staff are aware that their emails are monitored. Although the concept of emails monitoring is sometimes viewed as intrusive by company staff, remind them that you’re protecting their livelihoods as well as yours.
After all, industrial espionage could be achieved only with one employee auto-forwarding emails from specific prospect companies to a personal email address, under the cover of ‘needing it to work from home’. Ensuring that such emails really correspond to a business need should be easy for any recruitment company.
Network security
So what else can be done to further protect an organisation’s business intelligence? A full network audit of the company’s systems would be a good starting point. Any good IT company should be able to provide a detailed overview of the company’s network, explain what sort of risks it is under and more importantly, what measures can be implemented in order to avoid these.
This article only gives a snapshot of risks faced nowadays. However the above points are quick and easy ideas of what can be put in place, which will definitely have a significant effect on the security of all business critical information.
For a detailed breakdown of the risks of industrial espionage, and what you can do about it, contact Mitchell Feldman:
Mitchell@theinternetgroup.com.
The Internet Group is provides proactive IT support and consultancy to the recruitment sector. Find out more about them at
www.theinternetgroup.com
or call 0845 458 0497
|