View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
August 13, 2014

Majority of ex-employees can still access sensitive info

The report warns businesses about staggering scale of the ‘Rogue Access’ issue.

By CBR Staff Writer

With several hundreds of US citizens leaving their jobs every month, they carry with them previledge IT access to corporate apps such as Twitter accounts and confidential files stored in personal Dropbox accounts, a new report states.

Warning businesses about the staggering scale of the ‘Rogue Access’ problem, Osterman Research’s latest study is a wake-up call for every business in the US.

According to the 2014 Intermedia SMB Rogue Access Study, about 89% of those surveyed held access to Salesforce, PayPal, email, SharePoint and other sensitive corporate apps.

Intermedia president Michael Gold said: "Most small businesses think ‘IT security’ applies only to big businesses battling foreign hackers.

"This report should shock smaller businesses into realising that they need to protect their leads databases, financial information and social reputation from human error as well as from malicious activity."

About 45% still gained access to ‘confidential’ or ‘highly confidential’ information, with 49% of them actually logged into ex-employer accounts upon departing the company and 68% of them confess to storing work files in personal cloud storage services.

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

Lack of formal ‘IT offboarding’ procedures has been found to be one of the weakest points, with 60% of respondents were NOT asked for their cloud logins upon leaving companies.

Using Rogue Access, annoyed ex-employees may pinch money from PayPal, forge financial details in Quickbooks, or post improperly on company social media.

Well-intentioned ex-employees might purge important files from their personal cloud storage. And there are legal risks as well, such as the inability to complete eDiscovery or the failure to comply with regulatory obligations to protect sensitive data.

This can be avoided by implementing strict access and user lifecycle management policies; offer business-grade cloud storage that’s as easy to use as consumer-grade services and ultimately offer single sign-on portals to users.

Osterman Research president Michael Osterman said: "People want to work at home. They want files available when they’re traveling.

"But when a company puts this functionality into place in an organic, uncoordinated way, there are real risks they may not have considered.

"This report provides direction for these companies to regain control over their cloud."

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.