Protecting Your Data Is Our Business

Microexpert has a long track record of helping clients protect the confidentiality and integrity of their information systems. We can provide the following products and services,
  • Information Risk Assessment
  • Protective Monitoring (Mirkatz Network Defense Units)
  • Fraud Prevention and Detection
  • Insider Attack Prevention and Detection
  • Electronic Payment System Architects
  • Identity Management Architects
We are also specialists in the technology of cryptographic security objects such as smart cards, SIM cards and USB tokens and can advise on their use in Government, Financial and Commercial environments.

Thursday, 26 March 2009

Corporate Data Leaks Through Former Employees

Through a current survey conducted by Ponemon Institute and supported by Symantec Corporation in February 2009, it has been revealed that 60 percent of former employees keep corporate data after employment has been terminated.

The results presented by Dr Larry Ponemon, rightfully titled “Data Loss Risks During Downsizing- As Employees Exit, so does Corporate Data”, disclosed that of the sample population surveyed, 20 percent of recipients are employees who left or had their job terminated in the past 12 months. After asking “Did you have access to your former company's computer system or network after departure or termination of employment?” alarmingly over 25 percent of respondents can regain access to their former employer's computer networks.

A similar survey composed by Cyber-Ark, the IT security group, also worryingly reveals that 58 percent of British workers are prepared to acquire confidential company data if faced with possible job termination and 40 percent of the people surveyed said that they were already removing confidential data.

Those that have responded to the surveys have also identified that the data being accessed after employment are being used to aid finding a new job, starting their own business or to accomplish revenge through the means of leaking company sensitive data to competitors and customers.

The databases of client and customers are the most likely forms of data to be stolen, but along with the financial services sector, business proposals and product information, they are at the most highest risk from employee data theft.

Many employees have many different methods for removing data from companies, the numbers increasing as the years go on. The opportunities for data removal are made easier on a day to day basis with an ever increasing amount of small devices, each having the capacity to hold many gigabytes of data and work.

The Ponemon Institute survey reveals that the main four means of information transfer used by employees when keeping proprietary data include taking and hand carrying files, downloading documents onto CD or DVD, downloading electronic files onto a USB memory stick or sending documents as an e-mail attachment. These are the most occurring methods used by former employees to gain corporate information, with 61 percent hand carrying the information upon leaving work, 53 percent downloading the information onto CD or DVD and 41 percent of data removal being USB Memory Sticks or access through the company networks.

The surveys that have been published of late all demonstrate the risks of trusted insiders using corporate and sensitive data, highlighting the importance for all businesses to use and become more responsible for information security management, as well as increasing the security of sensitive information by protecting more files from employees.

Without hardening the security surrounding these files, more employees and insiders are going to be able to leak information through the company to customers and competition, causing business reputations and e-assets to be blundered.
Posted by Microexpert at 3:52 PM

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)