As a special feature of our blog –special guest postings by experts, clients, and other professionals –please enjoy this blog post by digital forensics expert Trent Livingston, a Director of iDiscovery Solutions.

By Trent Livingston

Do you recall the early days of the spy movie genre? Many of these movies depicted cloaked secret agents slinking around dark offices snapping pictures of evil plots to take over the world with their tiny spy cameras. Now a tiny spy camera is a bit passé given that every smartphone worth its salt makes this a standard feature. What is scary though is that camera is part of a digital storage device that can hold gigabytes of data, which coincidently, is connected to what we now commonly refer to as “the Cloud”.

Companies may not be plotting to take over the world, but one can be sure there is data within corporate walls that ownership wants kept under wraps. Does that mean everyone out there with a smartphone is stealing company secrets? The statistics are a bit unnerving. And a connected smart device is literally a mechanism that puts the ability to mastermind digital theft at one’s fingertips.

The Evolution of IP Theft

A five year old study conducted in 2009 by Ponemon Institute documented that when employees were dismissed, or voluntarily left their employer, more than 59% reported that they kept company data. Of the individuals surveyed, 61% reported to have taken it in the form of paper documents or hard files, 53% used CD or DVD media, 42% used media such as hard drive or USB memory stick, and 38% sent documents as attachments to a personal email account.

Fast forward to 2014 and bring your own device (“BYOD”) policies have introduced an entirely new way to pilfer corporate information. It may be as simple as a contact list, or as complex as source code for a new software release. The issue is, when it comes to Cloud connectivity, a corporation may never know a theft of this type has happened until it is too late. Given that the total losses attributed to IP theft of all types are in the hundreds of billions of dollars annually, it is not something to ignore.

With the advent of Web 2.0, new ways to share files have emerged in the last half decade that were not as prevalent in 2009 when the Ponemon survey was conducted. Google and many others introduced their enterprise web applications in 2009, and cloud computing began to hit its stride. Portable media like the CD and DVD have essentially become obsolete with increased bandwidth allowing large files gigabytes in size to be transferred in the time it takes to create one CD that can only warehouse a fraction of the same data.

While emailing information to personal email accounts is a likely suspect in intellectual property theft, data can leave an organization through a myriad of communication channels, including Social Media. Currently 74% of all adults use some form of social networking website or application. Essentially this means that 3 out of every 4 employees within any organization are using some form of Social Media to communicate. Of these individuals, 69% of them that are Facebook users say they visit the site at least once or more daily.

Social Media provides a means to obfuscate data theft, essentially allowing a perpetrator to abscond with information outside of the company’s firewall. Social networking applications such as LinkedIn, Facebook, and Twitter all have means of private communication. Access to these accounts is easy with any type of mobile device capable of running a social application.

File sharing applications are also mobile. With a quick click, and attachment saved from a corporate email account can be uploaded from anywhere to the likes of or Dropbox. These applications serve both the corporate and personal markets, which means distinguishing access to a personal or corporate account using corporate IT based IP address blocking solutions can become quickly limited.


Given that mobile devices serve a dual purpose for both the employee and employer under a BYOD policy, social and file sharing applications are integrated into the everyday corporate environment without second thought to their destructive capability. It is important to set up controls and company guidelines that specifically address employee usage of both social and file sharing web services. While direct monitoring of these types of personal accounts is not permitted, a departing employee’s ability to access sensitive company information should be quickly locked down. Without the proper controls in place, corporations are open to rampant IP theft should an employee have the desire to commit such an act.

Trent Livingston is a digital forensics expert who has given testimony in numerous cases involving topics such as evidence preservation, documentation of events, and computer forensic methodologies. Mr. Livingston has extensive experience working on litigation and consulting matters involving computer forensics, e-discovery and other high technology issues. He serves his clients through the litigation or consulting lifecycle by assisting them with important issues like data scoping, preserving, gathering, processing, hosting, review and production, as well as deeper diving issues uncovered through the use of computer forensics. Mr. Livingston can be contacted at Please note that each case may be unique and this single blog post is not intended to fully cover everything related to trade secret investigations or constitute advice, legal or otherwise. It is always best to consult a qualified person to assist with any investigation.