Confidential Documents ......by Tom & Jerry

***
How to safe the Confidential Documents from Employees.
We trust Employees but what’s the warranty that they will not send the confidential documents to there personal mails.
How to truck this…
***

Mr. Venu,

If you don't know the answer, please ignore it, but don't give stupid replies. Tom, regarding the IT department, they will filter every external email and check every system database every month. This way, we can track the amount of data received and sent by individuals. Many companies block Gmail, Yahoo, Rediff, and other emails for security reasons.

Experts, please comment if I am mistaken.

You are absolutely wrong. How dare you call my answer stupid, Mr. Murthy! The question I raised has an answer within it. Please think like a mature person! It seems you have limited experience working in organizations.

"Inventory at the store is compared to the kitchen at home, and a mother is compared to a store manager." These are examples given by ISO experts. Please understand that this is Venu speaking, and no one else!

I am also a double post-graduate!

Dear friends,

Both Venu and Murthy's answers to the question were correct. The difference is that Venu gave a hidden answer (read between the lines), whereas Murthy provided a clear solution to the question. I would prefer Murthy's answer.

Regards,
Ravindra

Hey guys,

STOP FIGHTING. I AGREE WITH BOTH THE ANSWERS and also agree with nsnmurthy's comments. Please provide full and more detailed answers.

Dear Tom,

It is true that all mails go through IT's net scan. However, it is difficult to check and verify the document and determine its intended use. Even though a Pendrive can download important data, there may be security concerns. If you have any technical suggestions to address this issue, please share them.

Thank you.

Hi Tom or Jerry,

It doesn't matter; I like both of you guys. The solution is NOTHING. You can't do anything to stop employees from stealing your data. The only solution probably is to keep it out of their reach. Because from what I have experienced, the employee with no ethics will steal the data however possible, if not by mail or USB, but then by printing if the data is within their reach. I am certainly not a cynic.

Thanks & Regards,
AJ

Documents and data have a broad meaning. To a limited extent, you can protect them from others. Normally, these confidential items are handled by managerial staff. People should learn to behave themselves. We have confidentiality documents signed at the time of employee onboarding. However, there are possibilities of them being broken.

To ensure security, you need to make arrangements and implement measures depending on your company's requirements. There are ways to protect data, but there is no assurance that they cannot be breached.

From the employees' perspective, if they are truly competent, they should not need to steal anything from the company as everything they need is readily available online. This is based on my experience and humble opinion.

Regards,
Chennai Ibrahim

Hello,

The best answer to the same can be found in the any armed force working pattern. Confidential details should also be given only to key people, but not in totality. For example, the finance department may discuss budget with the marketing department, but they would not require to discuss annual profit and loss of the company with the marketing department. Similarly, the confidential details of a company should be given to key persons on a need-to-know basis and not in totality. The onus of protecting the confidential details should be levied on the person with whom the company shares such information. When the onus is levied on the person who has been provided the same by the company, under such situations, the person handling the confidential document will exercise caution when sharing the same with others and his subordinates. Not only work, responsibility, but also trust can be delegated.

Thank you,
Octavious

In my organization, I am handling super sensitive confidential data. There is no one to keep a check on me. If I want, I can send all the data to my personal email without anyone coming to know. If I want, I can take all data out of the office on a pen drive. If I want, I can write the data on a CD and take it out of the office. If I want, I can take the whole computer/laptop out of the office and transfer data. But I just can't do and don't do any of the above because there are people who trust me, and I can't break their trust. So, it depends on the mentality of the person handling the data, and nothing else.

I completely agree with Octavius. The only possible solution to protect sensitive data is to either give the data in parts or use the same data with codes, which would help the company to protect the data. An additional solution is to incorporate a feeling of responsibility in the personnel to whom the data is shared and also make the person accountable for the data. Hope the above solves issues with data theft.

Thanks & Regards,
AJ

Hi Tom,

The IT department of every company monitors this. There are separate software programs in the market that are being used by IT companies to track emails. These programs monitor every email that comes in and goes out. They check the attachments in the emails and track the emails with the help of keywords. This cannot be stopped all of a sudden, but when stringent action is taken against employees who cross the line, it would be a good lesson for others, and they will not attempt such a mistake again.

Regards,
Ram

With respect to the confidential documents, we can follow the below-said points to ensure document confidentiality:

1. As a part of joining formalities, the employers should take a "Non-Disclosure Agreement" from the employees.
2. Include the point "Secrecy & Confidentiality" in the appointment letter stating the employees should not engage in any malpractice such as copying, forging, or transferring official documents.
3. Add a penalty or disciplinary clause if an employee is found engaging in malpractice.
4. Ensure that we have sufficient controls in place in the IT department to block mailing sites and scan outgoing documents.
5. Disable options like pen drives, floppy disks, and CD writing capabilities at all desks. If someone needs access, ensure they go through the proper channels.

Kumar

Dear Tom,

Please ask your IT department to implement mail filtering and maintain a database tracking outgoing and incoming emails from each employee on a monthly basis. You may also reach out to Wipro as they have software available for monitoring the email activity of individual employees.

Thank you,
Rashmi Pandey

You can't stop it completely. Only hard technology and strategy implementation can help to manage it (not stop it!). Top management should know to whom they are transferring confidential data and why? Dissemination of information should be precise and limited to the employees. For this, the entire company corporate culture has to change.

Hello,

I am with one of the BPOs. We do have many training presentations, and the management policy is that we cannot take them out of the office. Is it possible to send the document to citehr private emails? Can anybody point me in the right direction?

Dear Josephr,

If your management doesn't allow you to take the document out of the office, then there is no need to send it to any other place, whether on a forum or through private emails. Please do not disclose this information. I hope you don't mind; that's what confidentiality is all about.

Hello Mr. Murthy,

I feel that you should change your perception first. When I first read Mr. Venu's comment, I felt that there's a hidden meaning. I guess he expected to open a conversation with Tom. If I were in our position, I'd have politely asked him what he meant; or at least would have told him in a much polished way, "Mr. Venu, your answer is not clear or direct... if you intend to say something, please be specific and clear." Instead, you made a very sharp statement like "If you don't know the answer, please ignore but don't give the stupid replies," (not only this but your consequent comments sound a bit rude) which is not at all appreciable in an open forum. As you yourself mentioned, everyone has the right to express their thoughts here without hurting one another.

By the way, this is my humble opinion... I'm not here for an argument.

Thanks,
-binzy

Dear Tom,

If you have friends in Network or a Network Manager in your office, you can consult with them to track the documents moving from desk to desk or through personal emails. It is possible for bulk emails to move from a single node to any servers.

Give me some more time. I will talk with my network guys and let you know in detail.

Regards,
Saravanan

Dear Venu Sir,

Please forgive him. My friend Murthy may be rude, but he might not have as much experience as you do. You are a mature person, sir. Please do not let ego issues arise. I am sorry if I am wrong.

And Binzy, please don't do this. Don't take anyone's side. I know you are free to express your feelings, but similarly, someone took Murthy's side yesterday. Unintentionally, two groups can form, so please take care of it.

Murthy, you should be polite. Here is a story for you: When Ravan was counting his final moments, Lord Ram sent Laxman to ask his last wish. When Laxman asked, "What is your last wish?" Ravan replied, "I do not speak to fools." Ram then approached Ravan, knelt down, joined his hands, and politely asked, "What is your last wish?" Ravan pointed out that Laxman did not learn how to talk to them. Laxman remained silent. So, always be polite. Give respect and take respect.

Now, coming to the point, it is up to the individual how they keep things confidential. There are no specific rules or ways because whenever rules are made, they are meant to be broken.

Thanks,

Viral Shah

:) :)

I would suggest that Gmail/Yahoo, etc., be blocked only for sending attachments. If we actually block these emails and stop employees from using them, then we are actually being very strict on them like kids. Then they will suffocate.