4 Ways Your Employees Can Hurt You

Bad employees can wreak havoc along your business’ road to success. Here’s how. By Timothy Inklebarger | Digital Exclusive - 2017

You’ve spent years building your business, putting in endless hours of blood, sweat and tears, and now it’s all in jeopardy because of a few bad recruits.

What do you do? How did you get into this mess in the first place?

What matters most is the ability to guard against employee threats to your company’s viability and the foresight to employ key strategies to head them off at the pass.

Here’s what to watch out for.

1. Bad press

It doesn’t take much for a few unpleasant words from a company insider to go viral and damage a brand’s reputation. Meaning, organizations must anticipate possible publicity crises and have a plan ready when trouble strikes, blogs Mack Reynolds, a public relations partner at Sikich, one of Chicago’s largest CPA and multidisciplined professional services practices.

Companies must “assign responsibility and establish a chain of communication to address key audiences,” Reynolds suggests, adding that a “crisis watch team” should be in place to alert senior staff to potential public relations blunders, prevent the crisis from escalating, and tell a story that minimizes the negative and reflects well on the company, its employees and its customers.

Of course, right from the start employers need to remind employees that they’re representatives of the brand at all times, both in person and on social media.

So what’s the best way to avoid a communication crisis? Simply, keep employees happy.

“In the day of social media where news, true or false, can spread rapidly, companies need to work overtime to be aware of how employees feel about the company,” Reynolds explains.

He advises using periodic employee reviews as one of many opportunities to check the pulse of the workforce. Meeting regularly with staff on a more informal basis can also give you insight into general sentiment. Make it a habit to treat employees to happy hours and lunches when feasible.

2. Tense turnover

Unhappy employees can cause serious brand damage with a few choice words, but things can go from bad to worse when they leave your company altogether—and potentially take your confidential information and elite clients with them.

“One of the things that I think is key to protecting your company is making sure that you’re defining the confidential information that is important to your business, the information that your employees and contractors have an obligation to protect,” says Christopher Giampapa, an attorney specializing in corporate lift-outs (when competitors steal key employees or entire teams from a business), with Schulte Roth & Zabel.

In other words, clearly worded and enforceable employment contracts are key in protecting your business.

Employers also should set clear policies regarding access to employees’ electronic information such as laptops, cell phones and other mobile devices. If employees do start to defect, strong policies on electronic surveillance can help computer forensics firms identify stolen information or other key material should you need to prove a breach of contract.

“Your policies should explicitly state that the company has a right to make sure that its information has been removed from devices and software when an employee leaves or is terminated,” says Giampapa.

3. Passive aggression

What do you do when an employee with one foot out the door is throwing major shade with a passive-aggressive attitude? Contingency planning can help if you need to send an employee packing sooner rather than later.

Employers should identify potential risks, particularly focusing on which employee losses would hurt the most or have the greatest operating, financial and legal impacts, writes Chris Lennon for HR.com.

In more extreme cases, a rainy day fund or more serious risk management strategy might be what’s needed to guard against company losses. “Liability insurance, disability insurance, key personnel insurance, and life insurance are types of insurance that small businesses should investigate,” suggest Purdue University economics professors Maria Marshall and Corinne Alexander in Planning for the Unexpected: Human Resource Risk and Contingency Planning.

4. Bad hacks

Every business is at risk of being hacked today, both from inside the company and out. But if you want to beat a hacker, you have to think like a hacker, says Brad Lutgen, a security and compliance partner with Sikich. He advises starting out by conducting a risk assessment to identify potential threats.

“The assessment should identify any potential threats, the impact to the company if those threats were to happen, and the current probability of those threats coming to fruition,” he writes in Sikich’s Manufacturers Guide to Cybersecurity Initiatives. This assessment will help guide employers’ efforts in conducting periodic vulnerability scanning—looking for flaws in the company’s operating system and network—as well as performing an annual penetration test where contractors are paid to emulate hackers and attempt to break into a company’s computers.

“Penetration testing, especially for an organization not doing a lot of security work, offers the most bang for your buck,” says Lutgen.

He warns, however, that sometimes cybersecurity isn’t enough, particularly when hackers target individual employees by spoofing other company employees to get information. Phishing, the act of sending fraudulent emails to get employees to reveal sensitive information, is another strategy hackers often use.

“Companies can spend millions on a security system with shiny bells and whistles, but a single phone call from an unscrupulous hacker can bypass all of that,” says Lutgen.

Unfortunately, there’s no one-size-fits-all solution. “While risk assessments, penetration tests and vulnerability scanning provide crucial information, they do not protect the overall security of a computer or network on their own,” he explains. “It is the action taken after these tests are performed and the understanding of how to implement a cybersecurity initiative that will safeguard a manufacturer’s proprietary information."