News & Blog

How to Prevent Potential Data Leaks before and after Employees Depart

Four Secudrive data security solutions to help prevent potential data leaks before and after employees depart

When employees join and leave enterprises, the primary concern is to find replacements or re-shuffle the organization structure. However, one crucial, or the riskiest concern that enterprises may overlook is that the departing employees can accidentally or intentionally leak confidential data on their way out, or even after their departure.

Acknowledging that confidential data leakage upon employee departure is more than plausible and that consequences can be damaging, Secudrive recommends its four solutions – Secudrive File Server, Device Control, USB Office, and Sanitizer – that synergize to stop employees from accidentally or intentionally leaking confidential data, before and after their departure.

1) Secudrive File Server helps enterprises to set up a secure file sharing environment where confidential files can be consolidated and protected in a centralized system of file servers. Firstly, Secudrive File Server ensures that consolidated files are isolated from the employee PCs’ local environment, making them only accessible and usable directly on shared folders. Then digital rights management (DRM) is enforced for each folder to stop employees from leaking confidential data.
Digital rights management is the key to Secudrive File Server, restricting specific functions of files and data. With DRM in place, employees can use enterprise files as normally; however, they will be strictly restricted from specific actions that potentially lead to file leakages, like file copying, screen-capturing, printing, and more. With data leakage blocked by DRM, employees will not be able to export confidential data to their PCs’ local environment or outside environment via offline (storage devices) or online (e-mail or messaging apps) methods.

2) Secudrive USB Office and USB Management Server is a solution suite that provides enterprises a secure media to safely store and transport confidential data outside the office environment. Secudrive USB Office is a hardware encrypted USB with DRM, ensuring data security when employees need to take out confidential files for certain situations like business trips, which may seem to be opportune for data leaks. It brings hardware-encryption with AES-256 crypto chip and DRM (identical to that in Secudrive File Server) to ensure that data stored in Secudrive USB Office are safe from not only outsiders’ unauthorized access but also potential leakage that may occur ‘after encryption.’
In addition to the security measures integrated with the USB drives, Secudrive provides a supplementary Secudrive USB Management Server (UMS) that establishes a remote, centralized platform to manage multiple USB drives and their security policies at once. The more USB drives enterprises use, the harder it is to control, and UMS was developed to eliminate such difficulty by allowing enterprises to keep track and change security policies of multiple USB drives at once, real-time. One critical advantage of real-time management is the ability to instantly respond to unexpected events like USB drive thefts or losses. As enterprises ordinarily use regular USB drives with no security measures implemented, and the data stored is exposed to leakage risks by both outsiders and insiders. Therefore, Secudrive’s USB drive security and management solution will prevent data leakage threats by not only outsiders but also insiders.
Even though the enterprises have secure USB drives, backed by a robust management tool at their disposal, they must make sure that only those USB drives are used by employees. Simply encouraging employees or enforcing some policies is not safe enough, since departing employees willing to steal confidential data can easily use their USB drives. Then how can enterprises limit their employees to use only the safe, security-equipped USB drives?

3) Secudrive Device Control regulates and monitors all or specific devices that are used on the endpoint PCs, through ports like USB, Wi-Fi, LAN, and IEEE 1394. As removable storage devices have become IT commodity for everyone, they have naturally become an integral part of enterprises as well. However, enterprises must first control the use of USB drives to eliminate any possibility of data leaving the enterprise premises.
Secudrive Device Control helps enterprises establish and implement various security policies on multiple groups effectively, by initially drawing the information on how all the PCs and employees (users) are structured together from Windows Active Directory (AD). Moreover, when an employee needs to use certain devices for specific tasks, Secudrive Device Control can temporarily ‘unblock’ specific ports, keeping the work productivity flowing. In this case, it is imperative that USB drives be integrated with reliable security measures.

4) Secudrive Drive Eraser is a disk wiping solution that stops potential data leaks from old PCs used by departing employees. When employees leave, their PCs either change ownership or are destroyed, and before doing so, enterprises often format the PCs. However, PC formatting is never enough as it merely removes the path to the data, not the data itself, which actually can be recovered and even worse, be leaked out.
By using Secudrive Sanitizer can the enterprises completely ‘wipe’ multiple PCs simultaneously, and even execute multiple wiping processes remotely from a centralized console. It ensures that PCs are free of remnant data after being wiped with internationally recognized wiping algorithms. Then the enterprises can re-assign or destroy the old PCs used by departing employees, knowing that all data has been rendered unrecoverable. Moreover, remote PC wiping allows bigger enterprises with multiple locations to wipe their PCs with just a few clicks and to monitor the process from start to finish.

All in all, the four Secudrive solutions – Secudrive File Server, Device Control, USB Office, and Drive Eraser – form a holistic data security architecture that stops departing employees from leaking confidential data before and after their departure.

Share on facebook
Share on linkedin
Share on twitter