The proliferation of small, mobile storage devices has made the theft and transportation of data simple, to the benefit of information thieves. Combined with the global recession, information theft is now on the rise globally, with ordinary people becoming involved in what few regard as a real crime.
"In today's society, the theft of information has become an increasingly viable option for those who find themselves in an economic pickle," says Amir Lubashevsky, executive director of Magix Integration. "Stealing anything, from customer contact databases through to contracts, intellectual property, blueprints and future strategies has become big business and exceptionally easy.
"Whether through social engineering, blackmail, financial problems or disenchantment with their employer, employees are today more inclined to accept offers to steal company data and hand it over to third parties. This applies to business as well as information governments regard as critical."
The problem companies face is that legal action is rarely possible, especially if the data ends up in a foreign country. And what's the point? Once the information has left a company, it is gone, the damage has been done and sending someone to jail will not change that.
The only way to effectively protect corporate information is to prevent it from leaving the organisation in the first place. Frisking everyone and checking their cellular devices and portable storage devices, if you can find them all, is an option if contractually permissible, but an unworkable one given the human resources required. Of course, information can simply be transferred electronically from within the business, which is difficult to prevent but easy to prove.
"An effective solution is to use technology to prevent the information leaving except under predetermined rules and conditions," says Lubashevsky. "Using technology to prevent unauthorised people copying data to removable storage, e-mail, or walking away with a contact database on a cellphone is a seamless, invisible operation requiring no additional human resources."
Public and private organisations need to weigh up the cost of protecting their intellectual property with the cost of losing information crucial to the future or the concern to realise the expense involved is negligible. If you don't value your information, you can bet someone else does.
"As in any risk management situation, the organisation needs to determine its capacity for risk and implement the appropriate mitigation mechanisms," Lubashevsky says. "When it comes to information, stopping leakage at the source is, unfortunately, the only effective way for organisations to protect their intellectual property. You can't get it back once it's in the wrong hands."