By Maggie Shiels Technology reporter, BBC News, Silicon Valley |
|
Six out of every 10 employees stole company data when they left their job last year, said a study of US workers.
The survey, conducted by the Ponemon Institute, said that so-called malicious insiders use the information to get a new job, start their own business or for revenge.
"They are making these judgements based out of fear and anxiety," the Institute's Mike Spinney told BBC News.
"People are worried about their jobs and want to hedge their bets," he said.
"Our study showed that 59% of people will say 'I'm going to take something of value with me when I go'."
The Ponemon Institute, a privacy and management research firm, surveyed 945 adults in the United States who were laid-off, fired or changed jobs in the last 12 months.
Everyone that took part had access to proprietary information such as customer data, contact lists, employee records, financial reports, confidential business documents, software tools or other intellectual property.
'Surging wave'
In the report, entitled Jobs at Risk = Data at Risk, the Institute showed that such data breaches put a company's financial health in jeopardy.
That view is backed in part by another recent study by security firm McAfee. It estimated total global economic losses due to data theft and security breaches by organised crime, hackers and inside jobs reached $1 trillion last year.
|
Kevin Rowney , from the data loss prevention arm of security firm Symantec, the sponsors of the study, told the BBC there would be a "surging wave" of these insider attacks.
"It is conceivable that a company can lose its corporate life through a large scale data breach," warned Mr Rowney.
He added: "The intellectual property of a company can represent the crown jewels and are almost worth more than the building. This is the core asset of a company and any breach or loss can be very expensive."
Relaxed attitude
The Ponemon Institute revealed that part of the problem rests with companies themselves and their relaxed attitude towards security.
It found that only 15% of respondents' companies reviewed or audited the paper documents or electronic files employees were walking out of work with.
|
The report also said that if businesses did conduct a review, it was very poor with 45% not being completed and 29% being fairly superficial.
"Many firms believe insider data breaches are the cost of doing business," said Mr Spinney.
"They believe this is just something they have to live with. Our sense is that a lot of companies have really just given up, but this study shows these are preventable events."
During the economic downturn, security experts have predicted that the number of insider attacks will rise.
Last week, Microsoft told BBC News that "with 1.5 million predicted job losses in the US alone, there's an increased risk and exposure to these attacks".
Mr Rowney said one way to limit such breaches was to boost security but also to change focus.
"The industry has concentrated on the protection of the containers where the data is stored like firewalls, access, controls and end point security systems.
"The end result is that most security teams are protecting the containers not the data itself. And that is a core flaw in the security methodology of many practitioners today," claimed Mr Rowney.
ไม่มีความคิดเห็น:
แสดงความคิดเห็น