One in three workers would steal data
By Martin James,
An alarming number of people would consider stealing sensitive data from their employer if it suited their own ends, and the figure is rising, new research has found.
One in three employees canvassed by information security company Cyber-Ark said they had used their employee permissions to access privileged corporate information such as HR records and customer databases without authorisation.
Worryingly from a security point of view, fully three quarters of those questioned in the US and UK claimed they could bypass the controls their companies had put in place to protect such information.
In both cases, the figures represent a rise over last year, despite increased media awareness on the subject after a sharp rise in data breaches.
But perhaps more interestingly than the headline figures was the sharp increase in respondents saying they would consider taking company information with them if they were fired – clearly a result of increased pressure in the job market thanks to the global economic downturn.
Six times as many employees as last year said they would take financial reports or merger and acquisition plans with them and four times as many said they would nab chief executive's passwords and development plans.
One in five companies reported having been victims of insider sabotage, and of those, 36 per cent believed rival firms had benefited.
"This survey shows that while most employees claim that access to privileged accounts is currently monitored and an overwhelming majority support additional monitoring practices, employee snooping on sensitive information continues unabated,” said Cyber-Ark chief executive Udi Mokady, commenting on the survey results.
“Businesses must wake up and realize that trust is not a security policy; they have an organisational responsibility to lock down sensitive data and systems, while monitoring all activity even when legitimate access is granted," he added in a statement.
More than 400 senior IT professionals in the US and UK took part in Cyber-Ark's Trust, Security & Passwords survey, mainly from enterprise class companies.
Read on to find out what to do in case of a data breach.
Sponsored Links
advertisement
Latest Public Sector Analysis & Insight
Striving to solve the security skills crisis
The Cyber Security Challenge is doing a fine job, but flat registration growth and weak Government funding are cause for concern, Tom Brewster discovers.
- 2011: The year in news
- Are the cookie laws crumbling already?
- UK rural broadband: too little, and too late
- How the Data Protection Act's death will punish the UK economy
- Education: glad to be a geek
- Plugging public sector data leaks
- Going for Gold - IT at the London Olympics
- Fujitsu: out to steal HP market share
- What will Windows Mango mean for business?
Latest Public Sector Reviews
HTC Flyer review: First Look
- HP TouchPad review: First Look
- RIM BlackBerry PlayBook review - First Look
- MWC 2011: Acer Iconia A100 and A500 reviews – first look videos
- MWC 2011: HP TouchPad review - first look video
- MWC 2011: RIM BlackBerry PlayBook review - first look video
- MWC 2011: HP Pre3 review - first look video
- MWC 2011: Motorola Pro review - first look video
- MWC 2011: HTC Flyer tablet review - first look video
- MWC 2011: Samsung Galaxy Tab 10.1 review – first look video
advertisement
Most popular
- Google releases Chrome for Android beta
- Will someone rid me of these troublesome Macs?
- OneNote hits Google?s Android
- BlackBerry Bold 9790 review
- Google sends in Bouncer to sort out malicious apps
- Ubuntu vs. Windows 7 on the business desktop
- Who to trust after the VeriSign hack?
- Head to Head: Mac OS X 10.7 Lion vs Windows 7
- ACTA: the basics, the controversies, and the future
- BT considering Ofcom price cap appeal
Latest News Videos in Public Sector
Q&A: David Elton, PA Consulting Group
PlayCIOs are increasingly influential, but have to juggle "dual roles", study finds.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
To avoid data leakage
As we can see in this case about data theft, one of the most difficult challenges is to protect intellectual property in companies. A company’s expertise and R&D output are at the very heart of its competitive advantage. Nevertheless, the problem is that the company has to share knowledge with his employees as well as with externals. Lock confidential data behind firewall without access for externals doesn’t seems appropriate. Intellectual property must be accessible remotely to enable stakeholders to collaborate and to share documents and information in a comprehensively protected and secured way without any unauthorized access. Printing, saving and forwarding of documents must be prevented, avoiding data theft and leakage it is essential to track the whole document life cycle! Features like “tamper proof audit trails” and “Brainmarks” will show who has stolen certain documents!
By Dynamus on Thursday Nov 26
Marc Hocking, CTO, Becrypt
The recent stories surrounding data theft reinforce the need for companies to have a sound Information Assurance strategy. This needs to comprise of effective policy which is reinforced by technology. The correct controls need to be in place from the start – trying to put these in place after an employee has been sacked and stolen data is like bolting the barn door after the horse has bolted. Whenever an organisation hires a new employee, there needs to be education about the data policy, and continual reinforcement of this to ensure that employees are updated on any policy changes. Organisations need to make sure that strategies are in place across the entire employee lifecycle, and ensure that these are effectively communicated, so prevent potentially catastrophic data loss.
By Becrypt on Friday Nov 27