As employers, we are sometimes faced with uncomfortable and unpleasant circumstances.
None is more trying than when an employee (current or former) is suspected of fraud, industrial
espionage, or otherwise deliberately causing harm to our business. But the sad truth is that
these circumstances do arise, and we need to be sure that we are protecting ourselves, our
business, and our other employees.
In these cases, it is important to be able to not only detect their fraud or other wrongdoing but to
be able to document it as well. Documentation is necessary for a host of reasons, from
protection against wrongful termination lawsuits, to evidence to support a civil action, to
occasionally having to assist law enforcement with prosecution in the most serious cases.
Where is a responsible manager or business owner to begin?
First, documentation is everything in these cases. You need to be able to track not only the user
credentials of the person suspected but specific identifiers—including IP addresses and
sometimes even hardware addresses—for those who might be knowledgeable enough to spoof
IP addresses. User logs will also be important to track when data was accessed, if it was
copied, and if it might have been moved or even emailed.
Next, what files were accessed? Were any of them altered or deleted? A good recent backup
might be necessary here to restore data that has been modified, corrupted, or deleted.
The use of easily hidden USB drives is another concern: has data been moved to a portable
storage medium and then removed from your premises?
Lastly, you should have an accurate record of the user’s activity outside of direct file access.
Web searches, correspondence, and the potential use of third-party software to assist them in
their activities are all possibilities. Your network security system needs to be up to the task of
tracking, recording, and then reproducing all this information. It also needs to be able to recreate
or replace any data that might have been deleted or altered in an attempt to damage your
company or hide malfeasance.
NSC Information Technology Group has the knowledge and expertise you need to help
document employee fraud or bad actions. Contact them so you can be prepared for the
situations you hope to never have to face.