Survey finds most employees will leave with company data
November 22nd 2010, London (UK): An Imperva survey of more than 1000 UK residents indicates that insider threats are mainly comprised of normal, mainstream employees. Most strikingly, the survey found that 70% of respondents had clear plans to take something with them upon actually leaving their job. The most popular data is intellectual property (27%) and customer records (17%). Moreover, about half of respondents claimed to have personal ownership of the data - 59% in the case that they were about to change jobs, and 53% if they knew they were about to be dismissed.
“This survey refutes the conventional wisdom that insiders are corporate spies or revenge-seeking employees,” explained Imperva CTO Amichai Shulman. “It seems most employees have no deliberate intention to cause the company any damage. Rather, this survey indicates that most individuals leaving their jobs suddenly believe that they had rightful ownership to that data just by virtue of their corporate tenure.”
Survey highlights include:
- 70% of the respondents had clear plans to take something with them upon actually leaving. Most popular data being intellectual property (27%) and customer records (17%). Ironically, 66% of respondents would not deliberately take out employer’s data upon rumours of dismissal.
- 79% of the surveyed individuals responded that either their organization does not have, or is unaware of, any policy to remove collected data from employees’ laptops upon departure.
- Most respondents (72%) have admitted to taking out corporate data. This data is evenly distributed between customer records, HR records and marketing material.
- More than half of the respondents claimed to have personal ownership of the data - 59% in the case that they were about to change jobs, and 53% if they knew they were about to be dismissed. Others considered it helpful in their next role (35% when moving a workplace, 17% - under the knowledge of being terminated). The vast majority (85%) carry corporate data in their home computers or mobile devices. This data mostly consists of customer records (75%) and Intellectual Property (27%).
The survey shows that employees tend to extract information which is beyond their need to know and enterprises have practically no controls in place to prevent excessive privilege access:
- 54% of the respondents have accessed data outside their explicit role permissions. Customer records consisted of 50% of individuals’ interest. While 54% accessed files outside of their normal business privilege.
- 73% of survey takers replied that existing access control mechanisms around this data are very easy to bypass.
Surveyed were 1026 people in various business districts across London during November 2010.
Imperva is the global leader in data security. With more than 1,300 direct customers and 25,000 cloud customers, Imperva's customers include leading enterprises, government organizations, and managed service providers who rely on Imperva to prevent sensitive data theft from hackers and insiders. The award-winning Imperva SecureSphere is the only solution that delivers full activity monitoring for databases, applications and file systems. For more information, visit www.imperva.com , follow us on Twitter or visit our blog.
Imperva and SecureSphere are registered trademarks of Imperva, Inc. All other brand or product names are trademarks or registered trademarks of their respective holders.
Source: Eskenzi PR
Seed Newsvine