During and after the employee offboarding process, there’s a major security threat to your data. In their study called Do Ex-Employees Still Have Access to Your Corporate Data?, Osterman Research found that an overwhelming 89% of employees still had access to sensitive corporate data long after their time with the company came to an end. It’s possible for a terminated employee to wreak havoc on your systems, especially if they left on bad terms. That could be far more damaging than, say, disgruntled remarks on their personal social media accounts.
The statistics are daunting:
- A survey on Privileged Account Security & Compliance from CyberArk IT security found that 88% of IT workers said that if they were terminated, they would take sensitive data when they leave.
- According to Infosecurity Magazine, 70% of intellectual property theft happens within the first three months before an employee announces they’re resigning.
- The Code42 2019 Global Data Exposure Report states that 63% of employees have strongly suggested they brought data from their previous employer to the current one.
Information Security and Intelligence
Stealing and/or vandalising corporate data that is sensitive can be convenient for employees if they so choose. Aside from being in the position of having intimate access, they also have insider knowledge on how the organisation works systematically, and they’re trusted to the point wherein any data theft can go unnoticed until it’s too late.
A Code42 report found that 63% of employees brought data from their previous job to a new one. It’s not uncommon for someone looking to move to a new role elsewhere to feel like trade secrets from their old employer will give them a good advantage when applying elsewhere.
Management is also to be considered when it comes to stolen insider data. In another Code42 survey, an overwhelming 72% of CEO respondents said they’ve taken intellectual property that holds significant value from their previous jobs.
Protected data like Personally Identifiable Information (PII), as well as regulated data like Health Insurance Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR), and the like, could still be breached by a former employee. It’s important to have the best data security compliance frameworks possible. If the sensitive data falls into the wrong hand through a breach, even if it was a former employee who was responsible, the accountability falls under the former employer.
This can be particularly troublesome since it can cost around $14.8 million. That’s the average cost of non-compliance, which is up to 2.71 times more than that of compliance.
Keeping sensitive data secure is important for any company or organisation by default. When an employee is offloaded, data security becomes especially relevant. There is a possibility that if an employee was fired or left on bad terms, they end up taking sensitive data like Personally Identifiable Information or other classified materials with them. Any data breaches will fall under non-compliance of data security that the former employer, not the former employee, will end up being responsible for.
Looking for brand protection? Contact FraudWatch International today! We are a leading online brand protection company that has been protecting client brands around the world since 2003.