The majority of workers admit to taking sensitive data with them when starting a new job, while 48% said that they would steal corporate information if they were sacked, according to a survey by security firm Cyber-Ark.
The survey, called ‘The global recession and its effect on work ethics’, quizzed 600 office workers in Canary Wharf and Wall Street and found that 41% admitted taking sensitive information with them to their new position. One third of respondents said that they would also steal data if it helped a friend or relative get a new job.
This is despite 85% of workers admitting they know it is illegal to steal company information.
The survey revealed shifting attitudes during the recession. In addition to those who would steal data if fired, 39% said they would do the same if they found out their job was at risk. A quarter of respondents said that they feel less loyalty towards their employer as a result of the recession.
“While we are seeing glimmers of hope in the UK and US economy, clearly employee confidence has been rocked. This survey shows that many workers are willing to do practically anything to ensure job security or make themselves more marketable – including committing a crime,” said Mark Fullbrook, UK director of Cyber-Ark.
Nearly one-third (29%) said that customer and contact details would be top of their hit list, followed by plans and proposals (18%), when looking for corporate information to steal. Alarmingly, the majority of workers (64%) said they would steal data just in case it helped them in the future, while 27% would use the information as a negotiating tool in interviews and 20% would use it in their new job.
The survey also revealed lax security at companies, as 57% of respondents said that it is easier to steal sensitive information this year than last year, when that figure was 29% last year.
“While there is no excuse for employees who are willing to compromise their ethics to save their job, much of the responsibility for protecting sensitive proprietary data is the responsibility of the employer,” said Fullbrook.
“Organisations must be willing to make improvements to how they monitor and control access to databases, networks and systems, even by those privileged users who have legitimate rights. Additional protection can be added with simple steps like frequently changing passwords and only granting access to certain information on-demand,” Fullbrook said.