Skip the navigation

Most fired workers steal data on way out the door, survey shows

Symantec-sponsored Ponemon survey finds that 59% of respondents took data with them

By Ellen Messmer
February 23, 2009 12:00 PM ET

Network World - A survey of 945 individuals who were laid off, fired or quit their jobs in the past 12 months shows that 59% admitted to stealing company data and 67% used their former company's confidential information to leverage a new job.

That's according to the "Jobs at Risk = Data at Risk" survey published Monday by Ponemon Institute LLC. The research firm found that 61% of respondents who felt negatively about the company took data, while only 26% of those with a favorable view did. Only 31% of those surveyed said they had "trust" in their former employer to "act with integrity and fairness," 25% were "unsure" and 44% did not have trust.

Of the respondents, 37% said they were asked to leave, 38% said they had found a new job and 21% moved on because they anticipated layoffs.

The respondents described their work roles as 20% corporate IT; 10% financial and accounting; 24% sales; and 8% marketing and communications, with the remainder spread across fields that include general management, logistics and transportation, research and development, and human resources. They came from close to two dozen vertical industries, such as manufacturing, health care, education and government.

"There are many tragic scenarios now where people are under tremendous pressure," said Kevin Rowney, founder of the data-loss-prevention division at Symantec Corp., which sponsored the survey because it wanted more insight into the data-theft problem.

Rowney said he personally knows of a bank where employees on the day they were laid off all tried to grab corporate information about high-worth individuals, thinking it could help them in the future.

According to the survey, e-mail-related information and hardcopy files were the most popular types of documents to walk away with. Least popular were making off with PDFs, accessing database files or stealing source code outright. Thefts were carried out by simply walking out with paper documents or by transferring data onto a CD, DVD or USB memory stick, or sending documents out as e-mail attachments to a personal e-mail account.

Some admitted they knew taking information was wrong, but 79% who admitted to taking the data offered various reasons why they did so. They said the information might be useful in the future and said such comments as "everyone else does" and "the company can't trace the information back to me."

Rowney said he believes a lot of this behavior is "emotional in a time of stress" rather than "sneaking individuals" carefully plotting a data heist over months. "A lot is in the heat of the moment, people make unwise decisions," he added.

Surprisingly, 24% of the survey respondents said they still had access to their former employer's computer systems after they left, with over 50% of them saying that the access continued for between a day and a week, and 20% said it lasted for more than a week.

While Rowney acknowledged that "there is no silver bullet" to prevent all thefts of paper documents and electronic data, he said there are many steps that companies can take to use technology and enforce clearly defined data-protection policies to prevent a lot of the problems.

Reprinted with permission from NetworkWorld.com. Story copyright 2012 Network World, Inc. All rights reserved.
Our Commenting Policies