RSS Alerts

Share

More services

Related Stories

  • Keeping sensitive information secure when staff is leaving
    Career loyalty is an endangered creature. Unlike our predecessors, today’s workforce is unlikely to stay committed to a job for five years, let alone their entire lives. But with such a fluid stream of employees keeping human resources busy, and countless eyes being cast over company data, Rob Stringer investigates how sensitive information can stay faithful to its organisation, even if its staff don’t...
  • Keeping sensitive information secure when staff is leaving
    Career loyalty is an endangered creature. Unlike our predecessors, today’s workforce is unlikely to stay committed to a job for five years, Career loyalty is an endangered creature. Unlike our predecessors, today’s workforce is unlikely to stay committed to a job for five years, let alone their entire lives. But with such a fluid stream of employees keeping human resources busy, and countless eyes being cast over company data, Rob Stringer investigates how sensitive information can stay faithful to its organization, even if its staff don’t...
  • US standards drive Canadian information security
    An absence of legislation and the presence of the laissez-faire attitude has resulted in Canada being rather lax when it comes to information security compliance. Robin Arnfield looks at how US standards are driving the Canadian information security marketplace
  • Social networking: The ‘what not to do’ guide for organisations
    Sales and marketing executives are getting excited about social media, and savvy IT professionals are backing them up. There has been a sea change in the last three months, as Twitter, in particular, takes the corporate world by storm. Infosec professionals are left wondering whether social networking is leading the way, or in the way. Brian McKenna reports
  • Comment: How to stay mobile whilst keeping sensitive data safe
    Press coverage is, on the whole, to be welcomed; however negative publicity hurts your brand and image and does not help win hearts, minds and new customers. So why do so many companies actively court this by being so poor when it comes to handling sensitive data?

Top 5 Stories

News

Six out of ten employees steal company data

24 February 2009

A study of US workers has revealed that six out of every ten employees surveyed stole company data upon leaving their job in the last year.

The research, ‘Jobs at Risk = Data at Risk’ conducted by the Ponemon Institute, concluded that the thefts may be encouraged by fears over job security in the current economic downturn. The stolen company data could be used to assist in finding a new job, starting a business or be used in revenge through means such as leaking it to a competitor or customer.

“[The thieves] are making judgments based out of fear and anxiety,” Mike Spinney of the Ponemon Institute told BBC News. “People are worried about their jobs and want to hedge their bets.”

The report surveyed 945 adults in the US who, in the last twelve months, had changed jobs or lost theirs through redundancy or dismissal.

Each respondent had access to sensitive company information such as customer data, contact lists, employee records, financial reports, confidential business documents, software tools or other intellectual property.

"This shocking research places further emphasis on why IT security should be a priority for all businesses and highlights the need for a multi-pronged approach to data loss prevention," comments Jon Rolls, vice president of product management at ScriptLogic.

Rolls suggests some measures that can be taken to mitigate the risk of data theft from employees.

1) Ensure that permissions are correctly assigned to ensure that employees only have access to the information they need in order to fulfil their job responsibilities and remain productive

2) Control use of removable storage devices, specifically iPods, mobile phones and USB sticks, which provide an easy way to pull volumes of corporate data from the network.

3) Implement tools to quickly audit access to files and specific corporate data to identify the information that was stolen in a breach

"The key is to increase security without hampering productivity," says Rolls. "Unfortunately, many of the “free” and built-in tools provided to manage permissions and lock down removable storage devices are woefully inadequate."

He notes that "The best third-party solution will find the right balance for employee and employer, incorporating all of these aspects. Such solutions, will be more powerful, and yet will have simple permissions management to ensure this kind of data theft is much more difficult and will leave an audit trail."
 

This article is featured in:
Application Security • Data Loss  • Identity and Access Management  • Security Training and Education

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012