News Insider Threat
Ex-Employees Say It's OK To Take Corporate Data With Them
New Symantec survey finds nearly 70 percent of employees who recently left or were fired from their job say their organizations don't prevent them from using confidential info
They can and will take it with them: Half of employees say they took corporate data with them when they left their jobs or were fired, and 40 percent plan to use that data in their new positions at other organizations, according to a new report.
The Ponemon Institute, commissioned by Symantec, surveyed more than 3,300 people in the U.S., U.K., France, Brazil, China, and Korea to study intellectual property theft and abuse by employees.
More Security Insights
- Transitioning to Multicore Development
- Digital Transformation: Creating new business models where digital meets physical
- Best Practices: 6 Security Services Every Small Business Must Have
- Best Practices: Using Apple's Global Proxy to Boost Mobile Security
- How Attackers Identify and Exploit Software and Network Vulnerabilities
- Getting a Grip on Mobile Malware
Sixty-two percent don't think this practice is wrong, either: They say it's OK to take corporate data with them via their PCs, tablets, smartphones, or cloud file-sharing applications. Some 56 percent say using this information from their old employers is not a crime. They consider the person who created the intellectual property as its owner: Forty-four percent say a software developer who wrote source code for his company is part owner of that work, and 42 percent say it's no crime to reuse that source code at other companies.
But the real problem appears to be within many organizations that don't prioritize data protection and policies: Thirty-eight percent of the respondents say their managers consider data protection a business priority, while more than half say taking corporate data is legitimate because their organizations don't enforce any policies against it.
"Companies cannot focus their defenses solely on external attackers and malicious insiders who plan to sell stolen IP for monetary gain. The everyday employee, who takes confidential corporate data without a second thought because he doesn’t understand it’s wrong, can be just as damaging to an organization," said Lawrence Bruhmuller, vice president of engineering and product management at Symantec.
The full report, "What’s Yours Is Mine: How Employees are Putting Your Intellectual Property at Risk," is available here for download.
Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.