View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
March 21, 2016updated 04 Sep 2016 11:21pm

Insider threat: 20% of office workers would sell corporate passwords to third parties

News: The number of employees who would sell information is rising.

By Alexander Sword

Employees are increasingly creating security risks in their organisations, both deliberately and through negligence.

65 percent of office workers use a single password among applications, according to a survey commissioned by SailPoint. The survey also found that a third of employees shared passwords with co-workers.

Perhaps most worryingly, however, the survey revealed that nearly one in five employees would sell passwords to an outsider, while 26 percent admitted to uploading sensitive information to cloud apps with the aim of sharing it outside the company.

These figures, from the 2016 Market Pulse report, showed that many of these risks were increasing.

Last year, one in seven respondents was willing to sell their passwords to a third party while 20 percent shared passwords with co-workers and 56 percent shared passwords among applications.

Specifically in the UK, 16 percent of respondents would sell their passwords, while 56 percent would sell their passwords for £700 or below.

Globally, 42 percent of respondents were able to access corporate accounts and data after termination, or 39 percent in the UK.

Content from our partners
An evolving cybersecurity landscape calls for multi-layered defence strategies
An evolving cybersecurity landscape calls for multi-layered defence strategies
Powering AI’s potential: turning promise into reality
Powering AI’s potential: turning promise into reality
Unlocking growth through hybrid cloud: 5 key takeaways
Unlocking growth through hybrid cloud: 5 key takeaways

These are not simply hypothetical threats. Recently, a former Ofcom employee gave a large amount of sensitive data from the regulator to his new employer, in the largest breach in the company’s history.

The Guardian report said that as much as six years of data that submitted to the regulator by broadcasters was downloaded. The new employer, said to be a major broadcaster, was offered this information but instead disclosed Ofcom to the theft.

The breach reveals that it is not just the company hit by the breach that can be damaged by hacks; it could also impact third parties with information stored there.

SailPoint argued that the solution was to make employees "shepherds" of corporate data.

"Just as organisations need to be committed to ensuring the proper security policies and IT controls are in place, it’s imperative that employees understand the implications of how they practice those policies," the report said.

The survey, conducted by Vanson Bourne, surveyed 1000 office workers across the United Kingdom, the United States, Germany, France, the Netherlands and Australia.

Websites in our network
The New Statesman Press Gazette Spears World of Fine wine Elite Traveler Leadmonitor
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU