Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Identity & Access

IT Workers Believe Employees Would Sell Company Data if Price is Right: Survey

Insider Threat Fears Exacerbated by Identity Management Challenges

A new survey of IT decision makers found that nearly half believe their employees would sell company data for the right price.

Insider Threat Fears Exacerbated by Identity Management Challenges

A new survey of IT decision makers found that nearly half believe their employees would sell company data for the right price.

The 2013 Market Pulse Survey was conducted by research firm Loudhouse and fielded answers from 400 IT executives in the United States and U.K. Among those decision makers, 45 percent believe that employees within their organization would be prepared to sell company data.

The core of the problem however is not just suspicious employers and employees. According to the study, it is an overall failure to fully manage identity and access. Fifty-two percent admit their employees have read or seen company documents they should not have had access to, and more than 50 percent of the respondents have experienced situations where terminated employees tried to access company data or applications after they left the organization.

Insider Threats

“Many organizations are struggling to manage ‘who has access to what?’ across the enterprise,” said Jackie Gilbert, CMO and founder of SailPoint, which commissioned the study, in a statement. “And as our survey indicates, the growing adoption of cloud and mobile technologies is making the problem significantly worse. It’s pretty clear that if you’re not proactively managing cloud and mobile access today, you’re at increased risk of fraud, data theft, and security breaches.”

Eighty-four percent of enterprises use cloud-based applications to support major business processes, and 82 percent allow employees to use their personal devices to access corporate data or applications. However, while cloud applications are part of their IT environments, 41 percent of respondents admitted they are unable to manage them as part of their identity and access management strategy. In addition, just 41 percent said they have a process in place to automatically remove mission-critical data from mobile devices.

In more bad news, 46 percent said they are not confident in their ability to grant or revoke employee access across their entire IT infrastructure.

“There’s no denying it, cloud and mobile technologies are becoming mainstream,” Gilbert added. “But, as our survey indicates, enterprises are still ‘catching up’ to the required levels of oversight and control they need.”

The survey can be read here.

*Headline adjusted to better reflect content in report

Written By

Click to comment

Expert Insights

Related Content

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Identity & Access

Strata Identity has raised $26 million in a Series B funding round led by Telstra Ventures, with additional investment from Forgepoint Capital, Innovating Capital,...

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Software maker Adobe on Tuesday released security patches for 29 documented vulnerabilities across multiple enterprise-facing products and warned that hackers could exploit these bugs...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Funding/M&A

Identity and access governance vendor Saviynt has closed a $205 million financing round.