>Home >Background >Enemy Within

The enemy within – employee theft of spreadsheet IP

The biggest danger to a company’s IP is often not from external sources, rather it is from naïve, negligent or disgruntled authorized users of the company’s computer systems. These users may be employees, ex-employees, part-time workers, or contractors etc.

"Naïve employers who continue to trust their staff blindly without relying on robust security measures are asking for trouble." Prefix IT

"The majority of data breaches (61%) originate from internal sources …" Data Monitor

"Weak password protection gives the illusion that you are safe when you are not." Robert Vamosi, CNET

"Companies are especially vulnerable to internal data theft … because 78% of the workforce owns devices capable of downloading and storing data such as USB sticks …" Prefix IT

"16% of firms were hit by theft of intellectual property … average loss was more than $1 million." James Weir, Dominion Post

"On a PC bought at auction were current customers’ details … login codes … personal details … in 77 Microsoft Excel files." Bernhard Warner, NZ Herald

Major security efforts in the past have concentrated on protecting against unauthorized users, both external and internal – network security, volume encryption, firewalls, anti-virus, anti-spyware etc.

The need now is to also to protect against scenarios such as employee theft, where authorized users who have a legitimate requirement to access and use a particular file should nevertheless be prevented from copying or viewing some of its confidential contents.

For example, Excel spreadsheets are widely used to store confidential data and trade secret algorithms (as formulas or macros). Surveys indicate a wide concern about spreadsheet security (and even about the possibility of employee theft of spreadsheet intellectual property). However, those same surveys reveal a misplaced reliance on Microsoft’s own password-based spreadsheet protection methods (to protect confidential data, formulas and VBA macros from authorized users).

Spreadsheet Sentry provides strong content security

Spreadsheet Sentry is a software solution that encodes spreadsheets to provide strong content security (authorized users are able to use encoded spreadsheet but are prevented from viewing or editing confidential data or trade secret formulas) and strong location security (encoded spreadsheets will only run on authorized PCs).