Unauthorised access to customer databases

A security policy response attracted the attention of the risk managers responsible for monitoring to the abnormal activity of an employee who accessed the customer databases that include the information on individuals.
The program helped to establish that the specialist collected several customer databases and compiled them into one document. After he sent it to a colleague unauthorised to manage this kind of data.
The analysis allowed the risk management department to expose the collusion: the first employee was supposed to collect the data, and the other one – to sell it to a third party. 
Foreseeing the leakage of insider information, the risk managers used the employee monitoring system to encrypt the documents that the second specialist uploaded to a USB flash drive. This measure didn’t allow third parties to read the information. The company gathered the evidence of the violation and dismissed the criminals.