Information Leaves when Employees Leave

More than half – 59 per cent – of US workers made redundant or who left their job in 2008 admitted swiping confidential corporate data, such as customer list, before they left, a new study claims.

A web-based survey of 1,000 workers who lost or walked out of their jobs in 2008 by the Ponemon Institute and Symantec found the most commonly purloined records taken included email lists, employee records, and customer information (such as contact lists). Of those who admitted to taking company data, three in five (61 per cent) admitted they harboured a grudge of one sort or another against their former employer.

Half of those who swiped data (53 per cent) burnt the information onto a CD or DVD, 42 per cent used a USB drive and 38 per cent emailed information to a personal email account. Some obviously used more than one technique could be thwarted with adequate data leakage prevention controls.

You can find the complete results of the survey at

http://www.theregister.co.uk/2009/02/23/insider_threat_survey/

 

Often organizations rely on IT Security with a “trust the people” attitude. However, Increasingly it is becoming apparent that less “people reliant” and more “technology driven” initiatives are likely to succeed in IT Security. Ttime and again numerous surveys and IT Incidents prove that Insiders remain the biggest threat to IT Security due to their knowledge of business and access to information.

Leaving employees present one of the biggest threats and they must have restricted access to information the moment they are on notice. Today there are very powerful desktop and user monitoring software which should be deployed by organizations and user actions monitored for effective compliance to Security Policies

Comments are closed.