Ex-employees pose significant data breach risk
Over half of former employees can still access their organisation’s corporate network, and businesses are failing to adequately protect their networks from the potential threat posed by ex-employees. As a result, nearly a quarter of UK businesses have experienced data breaches by ex-employees, according to a new study by identity management provider, OneLogin.
The study, which surveyed more than 600 UK-based IT decision-makers with influence over their business’ IT security, highlighted the flaws in the security processes within many companies. Nearly all (92%) respondents admitted to spending up to an hour on manually deprovisioning former employees from every corporate application. Half (50%) of respondents are not using automated deprovisioning technology to ensure an employee’s access to corporate applications stops the moment they leave the business. This deprovisioning burden may explain why over a quarter (28%) of ex-employees’ corporate accounts remain active for a month or more.
Also, the study revealed 45% of businesses don’t use a Security Information and Event Manager (SIEM) to audit for application usage by former employees, leaving vital corporate data exposed to potential leaks. Hoyos concluded;
“The sheer level of data breaches revealed by our study, coupled with the revelation that many businesses are failing to put simple processes in place to promptly deprovision ex-employees, should raise serious alarm bells for business leaders,” said Alvaro Hoyos, Chief Information Security Officer at OneLogin.
“Our study suggests that many businesses are burying their heads in the sand when it comes to this basic, but significant, threat to valuable data, revenue and brand image. There should be no excuse for this negligence, which will be brought further into the spotlight when the European Union’s General Data Protection Regulation (GDPR) comes into effect in 2018. GDPR makes data protection a legal requirement for organisations, which could face fines of up to €20m or 4% of their annual turnover, depending on which is higher.
“With this in mind, businesses should proactively seek to close any open doors that could provide rogue ex-employees with opportunities to access and exploit corporate data. Tools such as automated de-provisioning and SIEM will help close those doors with ease and speed, while also enabling businesses to manage and monitor all use of corporate applications. The first step is acknowledging the problem, which businesses now have done by confessing they are aware of the issue; they now need to take steps to fix this issue by utilising the available tools,”