Recover Lost Documents

Companies need to know how easy it is for sensitive data to be stolen by employees via high-capacity USB devices, states Karlin Lillington on irishtimes.com.

The report on irishtimes.com continues by stating that, according to Andy Harbison, director and IT forensic lead in law firm Grant Thornton’s forensic and investigative services unit, the most common method of removing company data is by a USB “key” or “thumb” drive, or by similar small storage devices, such as an iPod.

The use of iPods and other MP3 music players has become so common in data theft cases that it is now referred to as “podding.”

Harbison stated that there are certain times when people commit data theft; for example, when they are about to leave the company.

The data often stolen is used as the basis for a new job or company, or for the next project for the person or group stealing it.

Haribson pointed out the example of a case in Ireland in which a software development consultancy stole the software it was working on for a client as a basis for a pitch for new clients.

A common item to steal is client lists, in preparation for setting up a competing company.

Thumb drives, says Harbison, have increased dramatically in their capacity, which has made it all the more easier for people to store a great deal of data on them.

Harbison stated that if forensic investigators can get a hold of the storage devices or computers used to commit fraud, it is not generally too difficult to compile enough evidence to convict the perpetrators. Traces of information from the originating computer are transferred with files to thumb drives and other storage devices, and information is often left in browser caches.