He is so loyal. She is so trustworthy. They are so devoted. These are the things companies think about their employees when all is going well. But even the most trustworthy and loyal of employees can become a security threat in the face of a layoff. Layoffs change everything, tearing at the job security that creates high-morale environments and ripping at the fabric that makes employees so loyal, trustworthy and devoted.

Analysis

Preparing for layoffs requires more than just severance package explanations and preparing managers to do the deed. Protecting the integrity and security of your computer systems and data is important too. “I can’t begin to tell you how many times companies come to us because they’ve had disgruntled employees steal very sensitive data,” says Mike Logan, president of Axis Technology, an IT and data security solution provider used by enterprises including Bank of America, Wachovia, Fidelity and Citigroup. “The number one comment is ‘we thought we could trust them.’ The writing has been on the wall for quite some time, especially with the layoff trends we are seeing today. Password-changing and access-rights are not enough – especially because nowadays many employees are taking data in anticipation of a layoff."

So, how can you protect your company?

For one, Logan says that using masking technology protects data even better than encryption, since unlike the puzzle aspect of encryption, masked data is missing the pieces that make it useful. "The easiest solution companies are deploying is new technologies that render data useless if stolen, such as data masking. It manipulates data so that it’s still usable within its environment, but unable to be tied back to any individual outside of its origin. In short, if data is stolen, masked data is useless to a thief because it is out of context with no way to utilize it outside of the environment," says Logan.

Another key element: keep employees on a need-to-know basis when it comes to systems. Your whole company shouldn't have access to legacy systems or key customer data – just the people who truly need to access that information. Software like DataVantage from Direct Computer Resources, Inc. can keep confidential information in production and test databases obscured so that workers who test data and software applications don't actually see real customer information. Instead, the data shown will have been manipulated with masking, de-identification and other security measures.

And finally, as security expert Ira Winkler says, "You really need to cut accounts before people are fired." Whether it's being fired or laid off, cutting off access before the news is broken is key to ensuring that there won't be any last-minute data breaches in the heat of the moment.