Organizations leaving themselves vulnerable to data breaches by former employees
A large proportion of businesses fail to adequately protect their networks from the potential threat posed by ex-employees, with IT decision makers surveyed as part of a study by OneLogin claiming that over half (58%) of former employees can still access the corporate network. The study also found that nearly a quarter (24%) of UK businesses have experienced data breaches by ex-employees.
Nearly all (92%) of respondents admitted to spending up to an hour on manually deprovisioning former employees from every corporate application. Half (50%) of respondents are not using automated deprovisioning technology to ensure an employee’s access to corporate applications stops the moment they leave the business. This deprovisioning burden may explain why over a quarter (28%) of ex-employee’s corporate accounts remain active for a month or more.
Also, the study revealed 45% of businesses don’t use a Security Information and Event Manager (SIEM) to audit for application usage by former employees, leaving vital corporate data exposed to potential leaks.
“The sheer level of data breaches revealed by our study, coupled with the revelation that many businesses are failing to put simple processes in place to promptly deprovision ex-employees, should raise serious alarm bells for business leaders,” said Alvaro Hoyos, Chief Information Security Officer at OneLogin. “Our study suggests that many businesses are burying their heads in the sand when it comes to this basic, but significant, threat to valuable data, revenue and brand image. There should be no excuse for this negligence, which will be brought further into the spotlight when the European Union’s General Data Protection Regulation (GDPR) comes into effect in 2018. GDPR makes data protection a legal requirement for organisations, which could face fines of up to €20 million or 4% of their annual turnover, depending on which is higher.”
“With this in mind, businesses should proactively seek to close any open doors that could provide rogue ex-employees with opportunities to access and exploit corporate data. Tools such as automated de-provisioning and SIEM will help close those doors with ease and speed, while also enabling businesses to manage and monitor all use of corporate applications. The first step is acknowledging the problem, which businesses now have done by confessing they are aware of the issue, they now need to take steps to fix this issue by utilising the available tools,” concludes Hoyos.