Cloud-based storage services such as Dropbox, iCloud and Google Drive are becoming increasingly popular as a way for businesses to have employees store files. These services make the files accessible to multiple employees without the expense and trouble of a dedicated group of computer servers. For small businesses, this is a huge advantage that allows them to compete with larger companies. Few people realize, however, that the files that are uploaded to these services have the potential to be read by anyone.
Several recent court cases have focused on theft of company documents by employees who use these programs to store and later download hundreds of pages of company secrets. Specifically, a recently filed lawsuit accuses a former Lyft COO of using Dropbox to take thousands of e-mails and other documents when he left to work for Uber.
Unfortunately, for most companies, by the time an employee leaves with trade secrets, the damage is already done. That means that most companies need to focus on protecting themselves rather than suing a former employee later on. Make sure that your company is following these rules to protect its sensitive information.
- Limit trade secrets. Not everyone needs to know everything that goes on at your company.
- Prohibit use of cloud storage for specific projects or subjects. While it can be a good idea for some companies to simply ban these programs from company computers, many businesses need their employees to have access to documents while they are traveling. In this case, limit what kind of documents can be uploaded to these programs. Ideally, label sensitive files as “confidential” so that everyone is aware that they cannot leave the office.
- Have employees sign an NDA. Non-disclosure agreements used to be reserved only for upper-level management. Today, however, they should be used by companies for any employee that has access to sensitive information. A low-level engineer can do the same amount of damage as a high ranking executive.
