Tom Skowyrski
asked on
Protect company confidential data when employee is on leave to set up his own company
Hi
We have an employee who just handed in the notice of leaving. That person has access to company computer and laptop and also has usb drive with some of the data. He is using company's emails hosted on our Exchange 2003 server.
I need to be able to monitor/audit the information he is accessing and the emails he is deleting/forwarding. It would be good if I could wipe his laptop/smartphone remotely. Additionally, I need to be able to retain control over our data so he just doesn't walk away with it and doesn't do any damage.
I welcome all the ideas but would prefer checked and tested solutions.
Thank you
Tom
We have an employee who just handed in the notice of leaving. That person has access to company computer and laptop and also has usb drive with some of the data. He is using company's emails hosted on our Exchange 2003 server.
I need to be able to monitor/audit the information he is accessing and the emails he is deleting/forwarding. It would be good if I could wipe his laptop/smartphone remotely. Additionally, I need to be able to retain control over our data so he just doesn't walk away with it and doesn't do any damage.
I welcome all the ideas but would prefer checked and tested solutions.
Thank you
Tom
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Simon
Luckily my customer understands the situation and the IT position a little bit more than I thought they will as I have just spoken to the MD and was informed that they are seeking legal advice. The point is that they are fully aware that everything he needed he has already copied (probability of that is 99%). It is just the case of knowing the options I guess. I talked to the about the following:
* we can recover his deleted emails on exchange so we can review anything he was trying to hide
* we can remotely delete the files on his work laptop and his pc (I am using Logmein Pro)
* we can set the Deny permission on the files and folders he should not have access to
* we can limit his vpn access
Saying that, I was wondering if there is anything else I can do that I am not aware of?
Also, could you please answer the additional questions I have at the moment:
* what is the default policy on Exchange 2003 for keeping Deleted Items?
* can I set up auto forwarding of the sent items to somebody else? Maybe using rules in OWA?
* I would like to use Deny permission for minimising the possibility of the need to restore files from backup shall the employee turn nasty. Do you think that is a good idea?
* is there a permission to prevent user from deleting items while keeping the read/write access?
regards,
Luckily my customer understands the situation and the IT position a little bit more than I thought they will as I have just spoken to the MD and was informed that they are seeking legal advice. The point is that they are fully aware that everything he needed he has already copied (probability of that is 99%). It is just the case of knowing the options I guess. I talked to the about the following:
* we can recover his deleted emails on exchange so we can review anything he was trying to hide
* we can remotely delete the files on his work laptop and his pc (I am using Logmein Pro)
* we can set the Deny permission on the files and folders he should not have access to
* we can limit his vpn access
Saying that, I was wondering if there is anything else I can do that I am not aware of?
Also, could you please answer the additional questions I have at the moment:
* what is the default policy on Exchange 2003 for keeping Deleted Items?
* can I set up auto forwarding of the sent items to somebody else? Maybe using rules in OWA?
* I would like to use Deny permission for minimising the possibility of the need to restore files from backup shall the employee turn nasty. Do you think that is a good idea?
* is there a permission to prevent user from deleting items while keeping the read/write access?
regards,
ASKER
Arnold, we only use standard/default auditing on the SBS 2003 file server. From my experience, this is not enough to record the access to the documents, is it?
Can you give me few example of document management systems that record all access to files?
It is possible that we can use this situation as the lesson to improve the systems and put policies in place. I would appreciate any information which could make it all easier in the future.
regards,
Can you give me few example of document management systems that record all access to files?
It is possible that we can use this situation as the lesson to improve the systems and put policies in place. I would appreciate any information which could make it all easier in the future.
regards,
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Auditing enabled on all document shares if your firm does not already using a document anagement system that records all access.
You should check with legal. If the firm is not concerned, why are you?
Presumably, the firm has a legal framework ..............