P2P

14 P E E R T O P E E R : I L T A ' S Q U A R T E R L Y M A G A Z I N E | S U M M E R 2 0 2 1 businesses an average of $607,745. Depending on how skilled the insider is, these incidents may continue for extended periods. Apple has frequently become the target of corporate espionage via Chinese nationals, including intellectual property and photographs of its corporate layout taken in late 2018. There are four categories of data that are vulnerable to this kind of espionage: • Intellectual property - Including research data, product documents, and workplace procedures. • Client information - Including contact information, order history, support logs, and subscription data. • Financial information - Including revenue, expenses, account holdings, and secured login information. • Marketing data - Including demographic reports, advertising expenditures, cooperative ventures with external firms, and marketing collateral. If a business's competitors gain access to any of this information, they instantly possess sensitive data that can allow them to poach clients, jumpstart R&D, and pinpoint demographic target groups. There are several ways for businesses to minimize this internal threat: Create standards for employee organization. These standards should include both maintaining a clean physical workspace and ensuring that each employee's computer only includes approved software and limited access to sites that are not relevant to their work. Limit access to extra recordkeeping. HD cameras are standard in smartphones, so every company must have a method to control visual access to sensitive documents. Providing employees with company smartphones will allow a business to disable the cameras, and they can also require visitors and contractors to either turn in their phones or cover their cameras with tamper-evident stickers. Institute badge access to each facility on campus. Employees need to move around, but they do not necessarily need to access all locations on campus. Modern badge-access programs can permit access and monitor usage so that threat investigations are easier to conclude. Improve document handling. The faster a company can shift to access-managed digital documentation, the more it will be able to do to defend against espionage. Any time when a firm must use physical documents, management should ensure that they have a clear process to shred them when they're no longer necessary. On their own, each of these methods is insufficient to prevent threat: businesses must take a comprehensive or holistic approach to employee security that addresses their unique corporate structures and campuses. Overcoming Technology Liability Technological liabilities are, in some ways, the easiest security threats to overcome. Hardware liabilities include physical network connections, denial-of-service attacks, and internet connectivity. Most of these take place outside of a company's control, except for physical network connections. An IT department can limit the potential for F E A T U R E S 1 2 3 4

• Cover