Some 12% of employees take customer details, health records, sales contracts and other confidential data when leaving a company, according to DTEX.
A former employee might try to sell account credentials from their previous employer over the dark web. A current employee might record a confidential presentation by the CEO and then send a link to that recording to the press. An existing employee might share a customer list with a third party, which then was offered for sale to a competitor. These are just a few incidents of data theft and insider threats investigated by workforce security provider DTEX throughout 2022.
Released on Thursday, DTEX’s 2023 Insider Threat Investigations Report examined the scope of employee attrition and data theft for 2022. To generate its report, the company looked at hundreds of investigations conducted by the DTEX Insider Intelligence and Investigations team for the year. The results point to an increase in corporate IP and data theft.
What business data are employees stealing?
The i3 team investigated almost 700 cases of data theft by departing employees; this was twice as many cases as 2021. Based on the incidents, DTEX determined that 12% of employees take sensitive information with them when they leave an employer. The stolen information included customer data, employee data, health records and sales contracts.
However, the 12% doesn’t take into account non-sensitive data, such as templates and presentations; based on anecdotal evidence, DTEX said it believes that more than half of departing employees leave with this type of data.
How are employees stealing data?
Employees use a few different methods to capture corporate data, including screenshots, recordings, and syncing to personal devices or accounts. As just one example, the employee who sent a link of the CEO’s presentation to the press used a screen recording tool to capture the confidential data and then uploaded the recording to a personal account.
What factors contribute to employees’ data theft incidents?
Employee termination was a major contributor to data theft and system sabotage last year. In many of the cases the DTEX team investigated, employees who had been terminated still had some type of access to their corporate accounts, even after they had been laid off. In some cases, current employees provided corporate data or account credentials to their former colleagues without even knowing they had been terminated.
Aside from departing employees, existing employees can pose a threat. Some employees maintain side gigs for which they use their corporate devices. The unsanctioned use of third-party work on such devices rose almost 200% last year. And in a shadow IT scenario, the use of unsanctioned applications increased by 55% over the same time.
Employee data theft warning signs
To catch employees who may try to record or copy sensitive information, DTEX suggests being on the lookout for certain early warning risk indicators. These include:
- The anomalous use of screen or video recording software at video conferences.
- Any research conducted on how to skirt past security controls.
- The use of personal file services, such as Google Drive or Dropbox.
- Saving sensitive presentations as images.
To stop employees who may be using corporate devices or applications inappropriately, DTEX suggests looking for some warning signs. These include:
- Unusual browser activity accessing sites not used by the general employee population.
- Signing into personal social media accounts to conceal activity.
- Using multiple non-corporate webmail accounts.
- Administrative access to accounting systems not related to their job.
- Unusual use of personal file sharing sites.
How to prevent employee data theft incidents
To protect your organization against data theft and similar threats, DTEX offers the following recommendations:
- Set up policies that clearly define the difference between the personal use and corporate use of data, devices, networks and other assets. Make sure these policies are conveyed to employees, whether they’re new, existing or departing.
- Implement a zero-trust mindset when removing data access for departing employees. Always assume that there will be some remaining access to sensitive data and systems after an employee leaves. Turn to tools that can create a full audit trail should a problem arise.
- Understand that technology won’t be 100% effective in thwarting data theft. That’s why you need to focus on your policies in this area and keep evaluating your existing procedures for departing employees.
- Be proactive by looking at the early warning signs of malicious intent and not just actual incidents.
- Maintain a trusted insider relationship with employees. Respect their privacy, communicate policies about data access and offer support rather than suspicion.
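The residual access described above (terminated employees who could still sign in, and current employees who shared data with former colleagues without knowing they had left) can be audited by reconciling the HR termination feed against activity logs. This is an added example, not DTEX's tooling; the event schema, usernames and timestamps are constructed for illustration.

```python
from datetime import datetime, timezone

# Constructed HR offboarding feed: username -> termination time. Not real data.
TERMINATIONS = {
    "asmith": "2022-11-04T17:00:00+00:00",
    "bjones": "2022-12-16T12:00:00+00:00",
}

# Constructed events in a hypothetical normalized schema (assumption).
EVENTS = [
    {"ts": "2022-11-03T09:12:00+00:00", "actor": "asmith", "action": "login", "target": "crm"},
    {"ts": "2022-11-09T22:41:00+00:00", "actor": "asmith", "action": "login", "target": "crm"},
    {"ts": "2022-12-10T08:05:00+00:00", "actor": "cwu", "action": "share", "target": "bjones"},
    {"ts": "2022-12-20T08:05:00+00:00", "actor": "cwu", "action": "share", "target": "bjones"},
    {"ts": "2022-12-21T10:00:00+00:00", "actor": "cwu", "action": "login", "target": "wiki"},
]


def _parse(ts):
    """Parse an ISO 8601 timestamp and normalize it to UTC."""
    return datetime.fromisoformat(ts).astimezone(timezone.utc)


def residual_access_findings(terminations, events):
    """Flag activity by, or sharing with, a user after their termination time."""
    cutoff = {user: _parse(ts) for user, ts in terminations.items()}
    findings = []
    for ev in sorted(events, key=lambda e: _parse(e["ts"])):
        when = _parse(ev["ts"])
        actor, target = ev["actor"], ev["target"]
        if actor in cutoff and when > cutoff[actor]:
            # The account should have been disabled at termination.
            findings.append(("post_termination_activity", actor, ev["action"], ev["ts"]))
        elif ev["action"] == "share" and target in cutoff and when > cutoff[target]:
            # A current employee shared data with a former colleague.
            findings.append(("shared_with_terminated_user", actor, target, ev["ts"]))
    return findings


if __name__ == "__main__":
    for finding in residual_access_findings(TERMINATIONS, EVENTS):
        print(*finding, sep="\t")
```

Activity before the termination time is deliberately ignored, so the output contains only events that indicate access was not fully removed.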