A competitor is sending messages to the customer email addresses in the company's Salesforce.com database -- including some dummy addresses set up for testing purposes. Action plan: Use logs and email archives to find out whether an ex-employee stole the data.
When employees have easy access to data, you have to trust them to do the right thing, but you also need ways to verify that they are doing the right thing.
That's why I think it's important to invest in things like
data leak prevention. We're still tuning our DLP installation, but it nonetheless paid off this week, as did something referred to as "honey tokens."
Here's what happened. We use Salesforce.com as the single repository for information about all of our current customers, potential sales opportunities, sales forecasts and more. It's all highly sensitive material and not anything we'd like our competitors to get their hands on.
