Laid-off Workers as Data Thieves?

A Symantec/Ponemon report points to an ominous byproduct of the economic crisis: laid-off employees stealing data in acts of vengeance. CSO Senior Editor Bill Brenner is skeptical of this report's news value

By , Senior Editor
Tue, February 24, 2009

CSO

When the depths of the economic crisis became clear last September, public relations firms started using it as an opportunity to drum up publicity for their security vendor clients. One PR flak even started her e-mail pitch to me with an admission that the IT angle was a stretch.

"This might be a bit of hyperbole, but as companies like AIG and Lehman Brothers look for a bail out, it's not surprising that adoption of open source software is increasing significantly in the wake of today's economic downturn," the pitch read. That's right, the financial crisis means companies are fleeing to the safety of open source software, whether it's for security or other purposes. By the way, the flak wrote, her vendor client would be more than happy to talk to us about this all-important issue.

Bill Brenner

Fast-forward to late February: Job losses are mounting, the economic outlook is gloomier than ever, and the PR machine is angling for another opportunity to exploit the news.

The latest example is a newly-released report from security vendor Symantec Corp. and the Ponemon Institute suggesting a growing crime wave where laid-off workers exact vengeance on their former employers by walking out the door with sensitive customer data and other proprietary information.

The Ponemon Institute conducted the Web-based survey last month -- polling nearly 1,000 Americans who left an employer within the last year -- and found, according to the press release, that "59 percent of ex-employees admit to stealing confidential company information, such as customer contact lists. The results also show that if respondents' companies had implemented better data loss prevention policies and technologies, many of those instances of data theft could have been prevented."

Translation: If respondents' companies would buy some data loss prevention technology from Symantec, this sort of thing wouldn't happen.

Among the survey findings:

  • 53 percent of respondents downloaded information onto a CD or DVD, 42 percent onto a USB drive and 38 percent sent attachments to a personal e-mail account.
  • 79 percent of respondents took data without an employer's permission.
  • 82 percent of respondents said their employers did not perform an audit or review of paper or electronic documents before the respondent left his/her job.
  • 24 percent of respondents had access to their employer's computer system or network after their departure from the company.

"The survey's findings should sound the alarm across all industries: your sensitive data is walking out the door with your employees. Even if layoffs are not imminent, companies need to be more aware of who has access to sensitive business information," Ponemon Institute Founder and Chairman Larry Ponemon said in the press release. "Our research suggests that a great deal of data loss is preventable through the use of clear policies, better communication with employees, and adequate controls on data access." Added Rob Greer, senior director of product management for Data Loss Prevention solutions at Symantec: "Data loss during downsizing is preventable. We can prevent employees from emailing sensitive content to personal Webmail accounts or downloading it onto USB drives. Companies need to implement data loss prevention technologies so they know exactly where sensitive data resides, how it is being used, and prevent it from being copied, downloaded or sent outside the company."

Continue Reading

White Papers »
BPM for Insurance: Four Paths to Outdistancing Your Competition
Business process management (BPM) software is a transformative technology that is helping insurance companies rapidly address some of the industry's biggest historic challenges. One of the best things about BPM is that the technology can be applied broadly, allowing an insurance company to gain multiple economies of scale. This is a substantial benefit, but it also presents those who want to introduce BPM to their organizations with a challenge - where to start?
Overcome Top 7 Admin Challenges of Active Directory
As Active Directory's role in the enterprise has drastically increased, so has the need to secure the data. Gain insight on creating repeatable, enforceable processes that reduces administrative overhead and enables robust, customizable reporting and auditing capabilities. Brought to you by NetIQ.
Top Solutions and Tools to Prevent Devastating Malware
Custom malware frequently goes undetected. According to Forrester Research, the best way to reduce risk of breach is to deploy file integrity monitoring (FIM) tools that provide immediate alerts. This white paper has been brought to you by NetIQ, the leader in solving complex IT challenges.
Insiders Can Ruin Your Company. Take Action.
Did you know that 80 percent of threats to an organization come from the inside? The threat from insiders is often overlooked in organizations worldwide. This white paper from NetIQ, discusses key technology solutions that help to prevent and detect insider threats.
X-Ray of the PCI Process-4 Proactive Steps
This white paper from Forrester Research Inc., helps break PCI into understandable components. Security and risk professionals will gain knowledge and insight into creating a compliant and secure IT environment. Follow these four proactive steps now before your next audit. Brought to you by NetIQ.
Streamline Compliance and Increase ROI
Streamline, simplify, and automate compliance related activities; especially those that impact multiple business units. This white paper from NetIQ, outlines solutions that will help your business gain the maximum return on investment possible while aligning your compliance programs.
Webcasts »
Virtualization Success is a Team Effort
As greater numbers of datacenter servers transition from the physical to the virtual world, the components of virtualization success come to the fore. What scores of organizations have discovered is that success is derived from an optimal pairing of the right software platform with the right hardware platform.
Optimizing Networks for the Cloud
Join guest speaker, Rohit Mehra, IDC Director of Enterprise Communications Infrastructure, to explore current trends, discuss best practices for optimizing Data Center and enterprise campus network infrastructures for the Cloud, and identify ways to better allocate network resources, reduce operating costs and improve application performance.
Customer Spotlight: How IPC The Hospitalist Company Implemented Oracle on VMware
Have you been looking to hear about customer's experiences with the new VMware vCenter Site Recovery Manager product? View this webcast to learn about VMware customer, Navicure, and their experiences testing and evaluating the recovery manager, their progress in implementing it in their environment and their advice other customers considering using vCenter.
Apps QuickStart Series Part 2: Designing and Deploying SQL Server on VMware vSphere
Download this webcast to learn about the design considerations for virtualizing SQL workloads, performance and scalability information and high-availability options, as well as support considerations
Apps QuickStart Series Part 1: Designing and Deploying Exchange 2010 on VMware vSphere
Download this webcast to learn the virtual hardware design considerations for Exchange 2010, deployment using the building block approach, options for high-availability and disaster recovery and support considerations.
Virtualizing Microsoft and Oracle on VMware vSphere: Benefits and Best Practices
Virtualizing business-critical applications is an essential step in your journey to the cloud. Microsoft SQL Server, Exchange and SharePoint, and Oracle applications, are often the backbone of business IT. The benefits of virtualizing these applications extend far beyond mere consolidation. Understanding how VMware improves quality of service and agility while reducing costs will help you make the case for taking virtualization to the next level in your company.
Newsletter Sign-Up »

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  11. View all Newsletters | Privacy Policy
White Papers » All White Papers

BPM for Insurance: Four Paths to Outdistancing Your Competition

Overcome Top 7 Admin Challenges of Active Directory

Top Solutions and Tools to Prevent Devastating Malware

Insiders Can Ruin Your Company. Take Action.

X-Ray of the PCI Process-4 Proactive Steps

Streamline Compliance and Increase ROI

Has Your Server Infrastructure Kept Pace with End User Demands?

Delivering a Greener Data Center

Cloud-Scale Networks Using Open Fabric Architectures

Mobility in the Network: A Phased Technology Approach

Smarter Commerce is redefining value chain visibility

Digital Transformation: Creating New Business Models Where Digital Meets Physical

IBM Synchronizes its Commerce 2.0 Strategy with 'Smarter Commerce' Initiative

Identity Governance: The Business Imperatives

CA Technology Brief: CA Point of View: Content Aware Identity & Access Management

Enterprise Strategy Group: The Case for a New Data-centric DLP White Paper

Data Loss by the Numbers

Data Loss Prevention Solution for Managing E-Discovery

Best Practices in Data Protection - Executive Summary

Business Centric DLP
Sponsored Links

Push the limits of virtualization with HP. Get the tech dossiers and learn how you can put an end to runaway virtual sprawl.

Splunk translates machine data into "aha" moments for IT and the business.

Evolving Your Data Center for the Cloud

Get Ethernet speeds from 1 Mbps to 10 Gbps - Comcast Business Class

Gain cutting-edge insights at MIT in 2-5 day executive programs.

Converge your infrastructure with HP. Access a valuable case study in the CI Resource Center now.

Redefine Software support with HP

Click to see how Accenture has delivered high performance to clients

Learn how Accenture helps clients become high-performing businesses.

Join the Conversation. Follow Oracle EPM & BI on Twitter Today.

Check Point Trusted by the Global 100

Customized information views & Twitter events at New Fulcrum Point

ShoreTel UC cuts costs like no other. Mobilize your business today.

E-book: Discover Business-Ready Storage Systems For Oracle Environments

Managed Hosting Buyer's Guide - Benefits to key considerations

Discover how integration of operations mgmt and service mgmt enhances productivity.

Converge your infrastructure with HP. Access white papers, case studies, videos and more.

High performance. Delivered. Click to see Accenture's client successes

See how Accenture helps clients perform at the highest levels

Compare risk and TCO in single and multivendor networks on Feb 23.

Connect with global CIOs now at Enterprise CIO Forum

Upcoming Webinar: Managing Cost in the Cloud

Resource Center
buy a link »
Ads by TechWords