Insider trading used to happen on Wall Street, where deal-makers and analysts routinely handle company secrets and the temptation to cash in can be great, or in corporate C-suites, where advance word of a company's plans or problems could be leaked to family or friends. But recent Securities and Exchange Commission enforcement actions and Justice Department prosecutions show there's also money to be made trading on the kind of information that mid-level employees at nonfinancial firms have about the operations of their companies.

The latest enforcement actions also show that if companies don't do something about it, things could get sticky. And it's not just a matter of negative publicity. An SEC enforcement action against a wayward employee can not only hit a company with costly and embarrassing sanctions as a vicarious offender, it also poses the risk of criminal liability.

Take the charges the U.S. Attorney's Office for the Southern District of New York announced in December related to Primary Global Research, an expert network firm. One of its employees has pleaded guilty and another has been charged, but the government also filed charges against public company employees who consulted for the firm, including a supply chain manager at Advanced Micro Devices, a senior director of business development at Flextronics, an account manager at Taiwan Semiconductor, and a former supply chain manager at Dell.