The Dangers of the Rogue Employee & Weak Network Security Policies
Usually, the big data breaches involve experienced hackers in foreign countries, but your company’s biggest threat to its network security policies may be the guy who sat next to you. The guy who just had his personal belongings packed. The guy who just left the office kicking and screaming before peeling out of the parking lot.
Your ex-coworker. You know him as Bob. Your company may soon know him as their biggest nightmare; the rouge employee.
Intermedia just released a great infographic and study featuring some shocking statistics about employee data theft and what companies can do to protect against a rogue employee like Bob.
The report looks at Bureau of Labor statistics and labor turnover in the professional and business services industry, and looks at the amount of information some 923,000 people who left their jobs in November, 2014 took with them.
It’s a huge wake up call for businesses, and a call to enhance their network security policies, especially if Bob left on less-than-agreeable terms.
Let’s look at the statistics Intermedia put together, and talk about what your business can do in terms of tightening its network security policies to reverse these statistics and be in a better position to avoid an inside-attack from a rogue employee.
Shocking Statistics about the Rogue Employee & Employee Data Theft
According to the study, 89% of ex-employees are walking away with at least one password they used every day on the job. Passwords they have memorized. These passwords were to a variety of sensitive platforms that could be used in a detrimental way. Passwords to Salesforce, PayPal, email, SharePoint, the company Facebook page and more were among those mentioned in the study. Think of all the ways an ex-employee can use these passwords to a company’s disadvantage. An ex-employee could withdraw funds from your company PayPal account. They could delete vital documents stored on SharePoint. They could post a less-than-flattering photo of their former boss on the company Facebook page. There are plenty of things a former employee could do with a password. A rogue employee could leak passwords to Russian hackers, for all we know. When an employee leaves, change your passwords. All of them. Don’t just change it from P@ssword1 to P@ssword2. Use a secure password. Something they wouldn’t be able to access after some deep, or not-so-deep thinking.
Ex-employees do use this information to a staggering degree. The report states that 49% of ex-employees logged into an account after leaving the company, while 45% of employees retained access to “confidential” data. That constitutes as employee-data theft alone.
Along with confidential data, 88% of employees retain access to file sharing services they used at their old job, including Dropbox, Google Drive, SharePoint, Box and more. 60% of employees who had a personal cloud login were not asked for their password when they left their companies, either.
Rogue employee access, simply stated creates several problems.
- • An ex-employee can purge their personal cloud storage, which results in companies losing copies of their work.
- • Rogue access, can be considered a security breach.
- • Stolen secrets could be used to the advantage of competitors
- • An ex-employee accessing accounts constitutes a regulatory compliance failure, and your company could face fines and more if ex-employees can still access and edit data.