hi,
Greetings !!!
In our company our confidential information is leaking through employees.we are having camearas.
If any one of you guide me pl.what system you all are adopting in your organisation?
Thanks,
minal
From India, Vadodara
Greetings !!!
In our company our confidential information is leaking through employees.we are having camearas.
If any one of you guide me pl.what system you all are adopting in your organisation?
Thanks,
minal
From India, Vadodara
Dear Minal,
You may not be able to control the leakage of information through the cameras that are installed. Concentrate on the following points:
a) Is there any pattern in leakage of information?
b) Who are the custodian of information? Are they security conscious?
c) Has the leakage taken place of soft information or hard information?
d) Have you disabled USB drive or floppy drive? Who can access internet? Do you do some checks of the mails that employees send (it may not be possible to have 100% check but some percentage check has to be done)?
e) Do you conduct checks of abandoned papers at photocopying machine? Do you conduct the checks of employee's dust bin before throwing the garbage (this may sound dirty job but it has to be done)?
f) Do you check the employees' desks after their exit? How many of them lock their drawers or cupboards and how many of them do not?
g) Who has access to the duplicate keys? How frequently you rotate the keys? How frequently you change the locks?
h) Do visitors are allowed to take their laptops inside? If yes, then does security persons make appropriate records?
Ok...
Dinesh V Divekar
Limit of your words is limit of your world[I][COLOR=#0000BF][COLOR=#FF0000]
From India, Bangalore
You may not be able to control the leakage of information through the cameras that are installed. Concentrate on the following points:
a) Is there any pattern in leakage of information?
b) Who are the custodian of information? Are they security conscious?
c) Has the leakage taken place of soft information or hard information?
d) Have you disabled USB drive or floppy drive? Who can access internet? Do you do some checks of the mails that employees send (it may not be possible to have 100% check but some percentage check has to be done)?
e) Do you conduct checks of abandoned papers at photocopying machine? Do you conduct the checks of employee's dust bin before throwing the garbage (this may sound dirty job but it has to be done)?
f) Do you check the employees' desks after their exit? How many of them lock their drawers or cupboards and how many of them do not?
g) Who has access to the duplicate keys? How frequently you rotate the keys? How frequently you change the locks?
h) Do visitors are allowed to take their laptops inside? If yes, then does security persons make appropriate records?
Ok...
Dinesh V Divekar
Limit of your words is limit of your world[I][COLOR=#0000BF][COLOR=#FF0000]
From India, Bangalore
Usually companies follow a system where every mail that goes out stored with sysy admin .So it can be chceked if it is done in soft info way..............
From India, New Delhi
From India, New Delhi
Hi, It may be that few of your consultants/Vendors involved in it. One preventive action plan may be prepare a NDA (Non disclsoure agreement) & get it signed from your employees & consultants.
From India, Delhi
From India, Delhi
First of all you must draft a code of conduct poicy and circulate it to all and in which define punishment for leaking confidential information in this case if they will be ware abt its outcome first they will do so if they again do so then managemnt is free to take action define in caode conduct also as per sranding order terms.
So this is a system to restrain leaking confidential information secondly if you know the people you can give them a moral lecture on one to one basis or in group it will directly hit them and they will be thinking its consequences as well
I hope in all cases it will work
P K MISHRA
From India
So this is a system to restrain leaking confidential information secondly if you know the people you can give them a moral lecture on one to one basis or in group it will directly hit them and they will be thinking its consequences as well
I hope in all cases it will work
P K MISHRA
From India
Dear Minal
While putting cameras @ strategic places is a definite advantage, it is not the only control that you can place. Assuming that you have yet to discover the source of leakage, some questions need to be answered:-
1 - Do you use computers?
2 - Do you have any internet connection? if yes, then they may be sharing information over internet?
3 - Word of mouth information sharing is usually difficult to catch, but having proper policies and procedures definitely helps. Do you have policies and procedures laid down stating what is confidential information for your organization and that sharing confidential information is prohibited.
Suggestions would be forthcoming if you could be a little clear on the current situation as it would help everyone to understand the problem in a better manner.
Regards
Sripati
Information Security Compliance
From India, Hyderabad
While putting cameras @ strategic places is a definite advantage, it is not the only control that you can place. Assuming that you have yet to discover the source of leakage, some questions need to be answered:-
1 - Do you use computers?
2 - Do you have any internet connection? if yes, then they may be sharing information over internet?
3 - Word of mouth information sharing is usually difficult to catch, but having proper policies and procedures definitely helps. Do you have policies and procedures laid down stating what is confidential information for your organization and that sharing confidential information is prohibited.
Suggestions would be forthcoming if you could be a little clear on the current situation as it would help everyone to understand the problem in a better manner.
Regards
Sripati
Information Security Compliance
From India, Hyderabad
Dear Minal
If the data is the electronic form, you can implement the following points-
A. Block the USB ports of the critical machines. i.e. Desktop, Printers & Laptops.
B. But all the documents with the watermark of your Companies logo. The server needs to me filter such documents, block the watermark contains.
C. Documents can be enabled with Passwords, so to authenticate the sharing & viewing.
D. Keep the track records of Data, again the settings needs to be made from Server file sharing systems.
Minal, Let me know for any further inputs.
From India, Mumbai
If the data is the electronic form, you can implement the following points-
A. Block the USB ports of the critical machines. i.e. Desktop, Printers & Laptops.
B. But all the documents with the watermark of your Companies logo. The server needs to me filter such documents, block the watermark contains.
C. Documents can be enabled with Passwords, so to authenticate the sharing & viewing.
D. Keep the track records of Data, again the settings needs to be made from Server file sharing systems.
Minal, Let me know for any further inputs.
From India, Mumbai
Five Ways to Turn Employees into Security Assets for Protecting Data
Five Ways to Turn Employees into Security Assets for Protecting Data - CSO Online - Security and Risk
Sujan
From India, Bangalore
Five Ways to Turn Employees into Security Assets for Protecting Data - CSO Online - Security and Risk
Sujan
From India, Bangalore
Of course it is a great practical problem.
There is definitely some motivation and behavior problem in your organization.
For your soft data at the earliest you should contact to some good system administrating engineer for the server blockage,usb mode blockage,and updated fire wall and hour to hour tracking of the same.
At the same time develop some SOP (Standard Operating Procedure)for your staffs.
Try to develop the paperless system in your organization.
Ask your all employee that not to bring any bag/paper when they come to office except the lunch box.
Ask your security system to check every one thoroughly including the top management staff at the time of coming and going back from office.
Track all the incoming & out going telephone calls.
Ask all your employee to use the land line phones which is connected to a updated recording and monitoring system for internal training and tracking purpose.
First develop all these things and then call a general meeting with all the HODs and explain the same.Also be strict with them if they do not follow the rules and regulations.
Initially they might be against you but ultimately either they will change themselves or would quit the company.
It is better for a pool to drain the stagnant water in some regular interval !!!
for further discussion please feel free to contact me on "thebanerjies@gmail.com"
Regards,
Ratul
From India, New Delhi
There is definitely some motivation and behavior problem in your organization.
For your soft data at the earliest you should contact to some good system administrating engineer for the server blockage,usb mode blockage,and updated fire wall and hour to hour tracking of the same.
At the same time develop some SOP (Standard Operating Procedure)for your staffs.
Try to develop the paperless system in your organization.
Ask your all employee that not to bring any bag/paper when they come to office except the lunch box.
Ask your security system to check every one thoroughly including the top management staff at the time of coming and going back from office.
Track all the incoming & out going telephone calls.
Ask all your employee to use the land line phones which is connected to a updated recording and monitoring system for internal training and tracking purpose.
First develop all these things and then call a general meeting with all the HODs and explain the same.Also be strict with them if they do not follow the rules and regulations.
Initially they might be against you but ultimately either they will change themselves or would quit the company.
It is better for a pool to drain the stagnant water in some regular interval !!!
for further discussion please feel free to contact me on "thebanerjies@gmail.com"
Regards,
Ratul
From India, New Delhi
Find answers from people who have previously dealt with business and work issues similar to yours - Please Register and Log In to CiteHR and post your query.