More Than Half of Ex-Employees Admit to Stealing Company Data According to New Study
Survey conducted by the Ponemon Institute and Symantec reveals companies lack adequate data loss prevention controls
Cupertino, Calif. and Traverse City, Mich. – Symantec Corp. (Nasdaq: SYMC) and the Ponemon Institute, a leading privacy and information management research firm, today announced the findings of a joint survey of employees who lost or left a job in 2008, which revealed 59 percent of ex-employees admit to stealing confidential company information, such as customer contact lists. The results also show that if respondents’ companies had implemented better data loss prevention policies and technologies, many of those instances of data theft could have been prevented.
Of respondents who admitted to taking company data, 61 percent also reported having an unfavorable view of their former employer. The most commonly identified kinds of records taken included e-mail lists, employee records, customer information including contact lists, and non-financial information. Although respondents were spread across many different industries, the highest percentage of survey responses came from the financial services industry.
Additional Survey Findings
* 53 percent of respondents downloaded information onto a CD or DVD, 42 percent onto a USB drive and 38 percent sent attachments to a personal e-mail account.
* 79 percent of respondents took data without an employer’s permission.
* 82 percent of respondents said their employers did not perform an audit or review of paper or electronic documents before the respondent left his/her job.
* 24 percent of respondents had access to their employer’s computer system or network after their departure from the company.
The Ponemon Institute conducted the web-based survey in January 2009, polling nearly 1,000 adult participants located in the United States who left an employer within the past 12 months.
* “Data loss during downsizing is preventable. We can prevent employees from emailing sensitive content to personal Webmail accounts or downloading it onto USB drives,” said Rob Greer, senior director of product management for Data Loss Prevention solutions at Symantec. “Companies need to implement data loss prevention technologies so they know exactly where sensitive data resides, how it is being used, and prevent it from being copied, downloaded or sent outside the company.”
* “The survey’s findings should sound the alarm across all industries: your sensitive data is walking out the door with your employees. Even if layoffs are not imminent, companies need to be more aware of who has access to sensitive business information,” said Larry Ponemon, chairman and founder, Ponemon Institute, LLC. “Our research suggests that a great deal of data loss is preventable through the use of clear policies, better communication with employees, and adequate controls on data access.”
About The Ponemon Institute
The Ponemon Institute© is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries. Visit the Ponemon Institute at www.ponemon.org.
About Symantec Data Loss Prevention
Symantec delivers the industry’s only unified platform to discover, monitor and protect confidential data. Symantec Data Loss Prevention gives organizations new confidence to demonstrate compliance while protecting their customers, brand, and intellectual property, including more than 30 percent of the Fortune 100. Symantec’s Data Loss Prevention solutions comprehensively protect confidential data across endpoint, network and storage systems.
Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at www.symantec.com.
Note to Editors: If you would like additional information on Symantec Corporation and its products, please visit the Symantec News Room at http://www.symantec.com/news. All prices noted are in U.S. dollars and are valid only in the United States.
Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
This news content was configured by WebWire editorial staff. Linking is permitted.
News Release Distribution and Press Release Distribution Services Provided by WebWire.