Tuesday, February 24, 2009

Terminated Employees Take Company Data With Them

Via DarkReading -

More than half of all employees who lost or left their jobs last year took confidential company data with them, according to a study published today.

According to a study released by the Ponemon Institute and Symantec, 59 percent of ex-employees admitted to stealing confidential company information. The most commonly taken data included e-mail lists, employee records, customer information, and nonfinancial information.

Fifty-three percent of respondents downloaded information onto a CD or DVD, 42 percent onto a USB drive, and 38 percent sent attachments to a personal e-mail account, the study says. Seventy-nine percent of respondents said they took the data without their employer's permission.

Officials at both Ponemon and Symantec say they expect the trend to continue, if not worsen, as the economy deteriorates and layoffs increase. "If your organization is planning a RIF [reduction in force], you need to understand the attitudes of the people who are being let go," says Michael Spinney, an analyst at Ponemon Institute. "Once they've lost their jobs, they feel like they don't really have a lot to lose."

Legally, corporations could take action against terminated employees who make off with sensitive data, but "most enterprises aren't interested in suing people -- they just want to protect the data and keep it from getting out," says Kevin Rowney, founder of the data loss prevention (DLP) unit of Symantec, formerly known as Vontu.

Rowney believes the egress of data via terminated employees is mostly preventable. "Most employees who've lost their jobs aren't sneaking the data out in sophisticated ways," he observes. "They're emailing it to themselves or carrying it out on a USB memory stick. These are the kinds of things that a good DLP solution can stop."

Spinney notes that many IT organizations still aren't following common-sense best practices when employees leave their companies. "Twenty-four percent of respondents said they still had access to their employer's computer system or network after they left the company," he says. "Cutting off that sort of access should be a no-brainer for most IT departments."
