A survey of 945 individuals who were laid off, fired or quit their jobs in the past 12 months shows that 59 per cent admitted to stealing company data and 67per cent used their former company’s confidential information to leverage a new job.
That’s according to the “Jobs at Risk – Data at Risk” survey published Monday by Ponemon Institute.
The research firm found that 61per cent of respondents who felt negatively about the company took data while only 26 per cent of those with a favorable view did. Only 31 per cent of those surveyed said they had “trust” in their former employer to “act with integrity and fairness,” 25 per cent were “unsure” and 44per cent did not have trust.
Of the 945 individuals in the survey, which was sponsored by Symantec, 37 per cent said they were asked to leave, 38 per cent said they had found a new job and 21 per cent moved on because they anticipated lay-offs.
The respondents described their work roles as 20 per cent corporate information technology, 10 per cent financial and accounting, 24 per cent sales, 8 per cent marketing and communications, and the remainder spread across fields that include general management, logistics and transportation, research and development, and human resources.
They came from close to two dozen vertical industries, such as manufacturing or healthcare, as well as education and government.
“There are many tragic scenarios now where people are under tremendous pressure,” says Kevin Rowney, founder of the DLP division at Symantec, which sponsored the survey because it wanted more insight into the data-theft problem.
Rowney says he personally knows of a bank using the Symantec data-loss prevention products where employees on the day they were laid off all tried to grab corporate information about high-worth individuals thinking it could help them in the future.
According to the survey, taking e-mail-related information and hardcopy files were the most popular types of documents to walk away with, according to the survey.
Least popular were PDF files, accessing database files or stealing source code outright. Theft was carried out by simply walking out with paper documents or transferring data onto a CD, DVD, USB memory stick or sending documents out as e-mail attachments to a personal e-mail account.
Some admitted they knew taking information with them was wrong, but 79 per cent of those who did admit to taking information without permission offered various reasons why they did it, including “everyone else does,” the information may be useful in the future and “the company can’t trace the information back to me.”
Rowney says he believes a lot of this behavior is “emotional in a time of stress” rather than “sneaking individuals” carefully plotting a data heist over months. “A lot is in the heat of the moment, people make unwise decisions,” he believes.
Surprisingly, 24 per cent of these former employees responding to the survey said they still had access to their former employer’s computer systems after they left, with over 50 per cent citing between one day to a week, but 20per cent more than a week.
While Rowney acknowledges “there is no silver bullet” to prevent all paper and electronic data theft, there are many steps that companies can take to use technology and enforcement of clearly-defined data-protection policies to prevent a lot of the problems.
Source: Computerworld.com
