Insider theft is increasingly widespread and difficult to prove. Investigators should start by researching when sensitive data was accessed by the suspect. Next, investigators must look for signs of its transfer. Was a USB drive inserted in close proximity to when the files were accessed? Or were personal email accounts used? Did the person access the files from home via a remote network connection? By evaluating the time of access and its proximity to the use of external storage, an investigator can quickly get to the heart of the matter enabling counsel to effectively pursue or litigate a case.
Article by Michael Younger and Judith Branham, Stroz Friedberg
Published in Law Technology News, Dec. 4, 2013
By Guest Blogger: Stroz Friedberg