Technology Sectors
Workers' attitudes feed risk of insider threats, says survey
 |
|
Gilbert: easy to |
A significant number of workers in the United States, Australia and Great Britain have attitudes toward their employers' sensitive data that have the potential to expose their workplaces to internal sabotage and theft, according to a survey conducted by Harris Interactive for SailPoint, an identity management solutions provider based in Austin, TX.
Almost a quarter of U.S. workers (22 percent) told surveyors that they had no qualms about using their employer's confidential information whether access to it was intentional or accidental. That attitude was even higher in Australia (29 percent) and Great Britain (48 percent).
Forwarding confidential files to strangers didn't faze some employees, either. Ten percent of the survey's respondents in the United States admitted they'd forward files with sensitive information in them to non-employees of their companies. That number jumped to 12 percent in Australia and 27 percent in Great Britain.
A similar portion of workers had the same attitude about taking sensitive electronic data with them out the door when they left a company — nine percent in the United States, eight percent of Australians and 24 percent in Great Britain, revealed the survey of 3484 employees in the three nations.
“Organizations should be very concerned about the number of employees that openly admitted to misusing proprietary data,” Jackie Gilbert, vice president of marketing and cofounder at SailPoint, said in a statement.
“These results show that insider threats represent a significant risk to the business," she continued. "Some of the biggest and most costly data breaches have been directly tied to company employees."
"Having a written policy is not enough to ensure data security," she added. "Organizations need to have automated controls in place to monitor and manage user access controls in order to minimize the risk of insider theft or sabotage.”
An eyebrow raising finding in the survey was how willing workers in Great Britain were to sell proprietary information they had access to. Nearly a quarter (24 percent) of employees in that nation told surveyors that they felt comfortable selling their employer's data. That compares to five percent of American workers and four percent of Aussies.
“Unfortunately, it’s quite easy these days for employees to sell personal data on the Internet and there are not enough controls in place to prevent this theft from happening," Gilbert observed. "It’s startling to see such a high number of Great Britain employees saying they would profit from selling proprietary data on the Internet. That’s a wakeup call that companies need to take a more aggressive stance, particularly in certain geographies.”
In addition to surveying employees about access to private, sensitive data, the SailPoint survey also asked them about accessing corporate data through the use of mobile devices. The results highlight the importance of automatically scratching an employee's account when it's necessary to do so. Specifically, 15 percent of American, 29 percent of British and 18 percent of Australian employees use their mobile devices to access their company’s private Intranet or portals.
“Mobile devices can make it easier for a disgruntled employee to do a significant amount of damage,” Gilbert said. “If an employee has just been fired, it’s no longer sufficient to turn off email and confiscate their laptop. A disgruntled employee can do a lot of damage from a mobile device before he or she even reaches the elevator. As part of a successful identity governance strategy, companies must have the ability to immediately revoke all access privileges including access to private Intranet or portals.”
