Study: Data Breaches by Ex Employees a Concern

A recent study carried out by OneLogin showed many groups are not doing enough to stop data violations by ex-employees.

While access to computer systems and applications is a requirement during employment, many organizations are neglecting to block access to systems quickly when employees depart the company, even though ex-employees pose a significant data danger to security.

Preventing access to networks and email accounts when an member of staff is terminated or otherwise leaves the company expose by failing to complete one of the most basic security measures, yet all too often the process is delayed.

600 IT employees who had some responsibility for security in their organization were questioned for the study and around half of respondents said they do not immediately cut ex-employees’ network access rights. 58% said it takes longer than one day to delete ex-employees’ login permissions.

25% of respondents said it can take up to a week to prevent access, while more than one in five respondents said it can take up to a month to deactivate former employees. That gives them plenty of time to gain access to systems and obtain information. Almost 50% of respondents were aware of ex-employees who still had access to company networkd, while 44% of respondents lacked confidence that ex-employees had been denied access to their networks.

Deactivating permissions of ex-employees can be a labor-intensive task and IT departments are under considerable time pressure. It is simple to postpone the task and concentrate on other more pressing issues. Automatic provisioning technology can ease the time burden and enhance security, but many groups continue to perform the task manually. Whether automatic or manual, deprovisioning should take place quickly – as soon as the person is terminated or employment ceases.

20% of respondents said they had encountered at least one data violation by an  former employee, while approximately 50% of those people said more than 1 in 10 data violations experienced by their organization was due to an ex-employee.

For healthcare groups, ex-employees are a serious threat. There have been numerous instances of employees moving companies and taking patient lists with them when they leave. If access is not prevented, there is nothing to stop data being taken.

Further, if policies are not implemented to cover the deprovisioning of employees or if those policies are not strictly complied with to, organizations are at risk of receiving a HIPAA violation fine.

Author: Maria Perez