One in three workers would steal data
By Martin James,
An alarming number of people would consider stealing sensitive data from their employer if it suited their own ends, and the figure is rising, new research has found.
One in three employees canvassed by information security company Cyber-Ark said they had used their employee permissions to access privileged corporate information such as HR records and customer databases without authorisation.
Worryingly from a security point of view, fully three quarters of those questioned in the US and UK claimed they could bypass the controls their companies had put in place to protect such information.
In both cases, the figures represent a rise over last year, despite increased media awareness on the subject after a sharp rise in data breaches.
But perhaps more interestingly than the headline figures was the sharp increase in respondents saying they would consider taking company information with them if they were fired – clearly a result of increased pressure in the job market thanks to the global economic downturn.
Six times as many employees as last year said they would take financial reports or merger and acquisition plans with them and four times as many said they would nab chief executive's passwords and development plans.
One in five companies reported having been victims of insider sabotage, and of those, 36 per cent believed rival firms had benefited.
"This survey shows that while most employees claim that access to privileged accounts is currently monitored and an overwhelming majority support additional monitoring practices, employee snooping on sensitive information continues unabated,” said Cyber-Ark chief executive Udi Mokady, commenting on the survey results.
“Businesses must wake up and realize that trust is not a security policy; they have an organisational responsibility to lock down sensitive data and systems, while monitoring all activity even when legitimate access is granted," he added in a statement.
More than 400 senior IT professionals in the US and UK took part in Cyber-Ark's Trust, Security & Passwords survey, mainly from enterprise class companies.
Read on to find out what to do in case of a data breach.
You may also like...
advertisement
Latest Industry & Public Sector Features
What impact will the browser ballot screen have?
The browser ballot screen is rolling out across Windows Update. Simon Brew charts its problems, the road to here, and what impact it’s likely to have.
- Q&A: Mark Kingdon on Second Life for business
- Q&A: The ID card commissioner talks cards and controversy
- The past, present and future of the Digital Economy Bill
- Google’s fight for its book deal
- MWC 2010: Top 10 show tech
- FreeBSD and the GPL
- Top 10 technologies for SMBs
- How much is space worth to Britain?
- Smartphones vs netbooks vs tablets - which is best for you?
Latest Industry & Public Sector Reviews
NEC MultiSync LCD4215 review
Rating: 
advertisement
Most popular
- App market will be worth $17.5 billion by 2012
- Open source developers ditch iPhone for Android
- Report: Macs cost less to run than Windows PCs
- Why is Microsoft accelerating Service Pack 1?
- Head to Head: Office 2010 vs Open Office 3.1
- Symantec Backup Exec 2010 review
- Q&A: Conrad Wolfram on communicating with apps in Web 3.0
- Fraudsters focus on ID theft, not stealing cash
- Google Nexus One review: A week with the superphone
- HTC Legend review
Latest News Videos in Industry & Public Sector
Video: What a connected classroom looks like
PlayDell unveils its vision for the classroom of the future, with netbooks, video conferencing and pub quiz-style handsets.
Whitepapers
Want more background on today's hottest IT trends?
Visit IT PRO's whitepaper library for more on virtualisation, encryption and other topics.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
To avoid data leakage
As we can see in this case about data theft, one of the most difficult challenges is to protect intellectual property in companies. A company’s expertise and R&D output are at the very heart of its competitive advantage. Nevertheless, the problem is that the company has to share knowledge with his employees as well as with externals. Lock confidential data behind firewall without access for externals doesn’t seems appropriate. Intellectual property must be accessible remotely to enable stakeholders to collaborate and to share documents and information in a comprehensively protected and secured way without any unauthorized access. Printing, saving and forwarding of documents must be prevented, avoiding data theft and leakage it is essential to track the whole document life cycle! Features like “tamper proof audit trails” and “Brainmarks” will show who has stolen certain documents!
By Dynamus on Thursday Nov 26
Marc Hocking, CTO, Becrypt
The recent stories surrounding data theft reinforce the need for companies to have a sound Information Assurance strategy. This needs to comprise of effective policy which is reinforced by technology. The correct controls need to be in place from the start – trying to put these in place after an employee has been sacked and stolen data is like bolting the barn door after the horse has bolted. Whenever an organisation hires a new employee, there needs to be education about the data policy, and continual reinforcement of this to ensure that employees are updated on any policy changes. Organisations need to make sure that strategies are in place across the entire employee lifecycle, and ensure that these are effectively communicated, so prevent potentially catastrophic data loss.
By Becrypt on Friday Nov 27