david.gray 17570 (2/13/2012)
There are also legal issues surrounding this. Certainly in the UK you would normally have watertight clauses in your employment contract regarding data theft, non-disclosure.There was a data leak incident last year at a UK bank and all employees privy to the leaked data were reminded strongly about the terms covering this and the consequences if they also leaked the data.
Probably also covered by civil if not criminal law?
Such things are very common in employee handbooks here. However the policy is only as good as people WILLING to follow it. In most cases data leaks are not criminal only civil matters. If you take client data with you and use it to build your business you haven't really committed a crime but you have probably violated your employment agreement and they can sue, but you aren't going to jail (which is pretty much how I define whether its really a crime, no jail - no crime) doesn't mean what ya did was right or that you couldn't get whacked civilly..
On military installations, when you are dealing with classified information the network wiring goes into a secure wiring closet. You aren't allowed to take ANYTHING electronic in there, about the only thing would be a watch, even then not a REALLY high tech one. PDA, nope, phone, nope, computer, nope, thumb drive, nope, etc.. If you do, it stays in there.. More than a few people have lost new phones that way.
There is always a trade-off, another poster mentioned that as well. There has to be a balance and some trust, you can never be 100% safe.
There is a book called "Beyond Fear" by Bruce Schneier (sp?) that talks alot about risk, I highly recommend it.
One thing to avoid is security theater, things that make you look safer without actually MAKING you safer. I would categorize airline security largely this way here in the states.
CEWII