Here's proof that even the most innocous-looking actions of your employees can bring down your data security walls - a Pfizer employee unwittingly opened the door to the theft of over 17,000 personal records of the company's current and former employees. How? By installing a file-sharing software program on his desktop. And 15,700 of those files were accessed and copied through the peer-to-peer application.

If you haven't monitored the computer activity of your employees or have a plan in place to have supervisors do so, now's the time. An employee installing instant messaging without company knowledge or consent leaves the door wide open for thieves to walk in and take whatever is stored on the servers. Imagine the implications of 17,000 compromised files. For Pfizer, the costs are already climbing - the company has had to hire an outside security firm, Experian, a credit reporting agency, to provide each affected person with a "support and protection" package. The packages include free credit monitoring service for one year and a $25,000 insurance policy covering costs incurred as a result of the breach.