Most fired workers steal data on way out the door, survey shows
Symantec-sponsored Ponemon survey finds that 59% of respondents took data with them
Network World - A survey of 945 individuals who were laid off, fired or quit their jobs in the past 12 months shows that 59% admitted to stealing company data and 67% used their former company's confidential information to leverage a new job.
That's according to the "Jobs at Risk = Data at Risk" survey published Monday by Ponemon Institute LLC. The research firm found that 61% of respondents who felt negatively about the company took data, while only 26% of those with a favorable view did. Only 31% of those surveyed said they had "trust" in their former employer to "act with integrity and fairness," 25% were "unsure" and 44% did not have trust.
Of the respondents, 37% said they were asked to leave, 38% said they had found a new job and 21% moved on because they anticipated layoffs.
The respondents described their work roles as 20% corporate IT; 10% financial and accounting; 24% sales; and 8% marketing and communications, with the remainder spread across fields that include general management, logistics and transportation, research and development, and human resources. They came from close to two dozen vertical industries, such as manufacturing, health care, education and government.
"There are many tragic scenarios now where people are under tremendous pressure," said Kevin Rowney, founder of the data-loss-prevention division at Symantec Corp., which sponsored the survey because it wanted more insight into the data-theft problem.
Rowney said he personally knows of a bank where employees on the day they were laid off all tried to grab corporate information about high-worth individuals, thinking it could help them in the future.
According to the survey, e-mail-related information and hardcopy files were the most popular types of documents to walk away with. Least popular were making off with PDFs, accessing database files or stealing source code outright. Thefts were carried out by simply walking out with paper documents or by transferring data onto a CD, DVD or USB memory stick, or sending documents out as e-mail attachments to a personal e-mail account.
Some admitted they knew taking information was wrong, but 79% who admitted to taking the data offered various reasons why they did so. They said the information might be useful in the future and said such comments as "everyone else does" and "the company can't trace the information back to me."
Rowney said he believes a lot of this behavior is "emotional in a time of stress" rather than "sneaking individuals" carefully plotting a data heist over months. "A lot is in the heat of the moment, people make unwise decisions," he added.
Surprisingly, 24% of the survey respondents said they still had access to their former employer's computer systems after they left, with over 50% of them saying that the access continued for between a day and a week, and 20% said it lasted for more than a week.
While Rowney acknowledged that "there is no silver bullet" to prevent all thefts of paper documents and electronic data, he said there are many steps that companies can take to use technology and enforce clearly defined data-protection policies to prevent a lot of the problems.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast Best Practices: How to Improve Business Continuity with Virtualization VMware solutions include a range of business continuity capabilities to help ensure availability for applications across your virtualized environment. Learn More>>
- Live Webcast
Transforming Finance, Procurement and Supply Chain Effectiveness with Cross-Functional Analytics
Date: May 6th, 2014
Time: 1 PM EDT
Attend this Webcast to find out how Oracle's packaged analytic applications enable line-of-business managers to examine all...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...