We have written before about the Great Resignation and the risk of people taking sensitive data to their new employers. People reassessing their priorities and opportunities as the pandemic eased coincided with a surge of available opportunities. The temptation to steal intellectual property that might help in new organizations was strong. One study found that nearly one-third of employees leaving their jobs took data with them. Another study found that most of those who have stolen information did so within 30 days of leaving an organization.
If this is happening during voluntary terminations, one would expect it to be worse during involuntary terminations. As organizations face pressure to control costs and preserve cash, we will likely see more in the news about layoffs and cutbacks across all industries. Layoffs can leave employees feeling betrayed and unwanted. Will they protect your data? Loyalty is a two-way street, after all.
Forrester has some thoughts on how to mitigate risk during a layoff. Their recent blog post, “Practice Empathy To Reduce Insider Risk” talks about the importance of treating employees respectfully during a layoff. They cite the example of Coinbase sending a company-wide email announcing a cutback and stating, “If you are affected, you will receive this notification in your personal email, because we made the decision to cut access to Coinbase systems for affected employees.“ Obviously this method conveys a lack of respect from the company for their effected employees.
Forrester is correct that empathy is needed during a layoff. We would like to take it one step further and say that empathy and respect are also critical to an organization throughout an employee’s tenure. Many employers worry that a remote or hybrid work environment leaves employees feeling disconnected. The solution is to foster better workforce engagement. Research shows an engaged workforce perform better, experience less burnout, and stay in organizations longer.
Balancing empathy and engagement with the need to protect sensitive information starts with employees trusting they will be treated fairly. This requires that organizations help employees understand why and how access to data is monitored. Intrusive surveillance-based methods that log employee keystrokes and monitor web browsing and personal email build mistrust.
A better way is to focus on the most critical common denominator of all: the humans driving day-to-day operations. By understanding the context of when, why, where, and how employees and third parties interact with data, machines, applications, and peers as they perform their job responsibilities, teams can discern indicators of malicious intent without compromising privacy.
By default, DTEX PULSE utilizes data minimalization and patented pseudonymization techniques, alongside behavioral AI models and machine-learning technologies to learn employee habits and routines. No user activity or behavioral data is available to users or administrators—even those with elevated privileges. When circumstances require unmasking of personal identities, DTEX requires “dual authorization,” usually a hiring manager and HR representative.
The result is better data protection, while demonstrating empathy for employees’ privacy. In other words, treating employees the way you would want to be treated from the day they join the company until the day they leave.
Learn more about understanding your workforce and how to implement empathy in our recent webinar with PwC, “The Workforce of the Future: Trust, Respected, Protected, Valued, and Engaged.”