Forget locking down the stationery cupboard, what most employees take when they leave isn’t paperclips, it’s more likely to be access to sensitive company data. A report looking at ex-employees by Intermedia, has found nearly nine out of ten employees (89%) leave with usernames and passwords to the corporate Twitter or Salesforce account, or confidential files stored in personal Dropbox accounts.
The 2014 Intermedia SMB Rogue Access Study, released today is based on a survey of knowledge workers performed by Osterman Research, this study quantifies the staggering scope of the “Rogue Access” problem. And it presents a wake-up call for every business in the country.
Of those interviewed a staggering 89% retained access to Salesforce, PayPal, email, SharePoint or other sensitive corporate apps, While just short of half (45%) of those polled retained access to “confidential” or “highly confidential” data.
While ex-employees having passwords is worrying, the number tempted into using the passwords after they left is very worrying. Nearly one in two 49% actually logged into ex-employer accounts after leaving the company and many (68%) admitted to storing work files in personal cloud storage services.
The survey also found that one of the weakest points identified in the report is the lack of formal “IT offboarding” procedures. Three out of five (60%) of respondents said they were not asked for their cloud logins when they left their companies.
“Most small businesses think ‘IT security’ applies only to big businesses battling foreign hackers,” says Michael Gold, President of Intermedia. “This report should shock smaller businesses into realising that they need to protect their leads databases, financial information and social reputation from human error as well as from malicious activity.”