Brits More Likely to Profit from Stolen Data
British employees are nearly five times more likely than their American counterparts to sell their company's proprietary information on the Internet, according to new research.
A recent SailPoint Market Pulse Survey found that 24 percent of British employees, compared with just 5 percent of Americans, said they would feel comfortable profiting from the sale of company data online.
Given the ease of selling personal data on the Internet, companies must ensure they have stringent controls to prevent it from happening, said Jackie Gilbert, vice president of marketing and co-founder of SailPoint.
"It's startling to see such a high number of Great Britain employees saying they would profit from selling proprietary data on the Internet," Gilbert said in a statement. "That's a wake-up call that companies need to take a more aggressive stance, particularly in certain geographies."
The survey also found that IT managers should keep a watchful eye on which employees have access to sensitive materials.
The research showed that a quarter of U.S. employees who have access to their employer’s or clients’ private data said they would feel comfortable doing something other than their authorized work with that data.
Additionally, 10 percent of American employees said they would forward electronic company documents to a non-employee, with 9 percent admitting they would copy electronic data and files to take with them when they leave.
“These results show that insider threats represent a significant risk to the business," Gilbert said. "Some of the biggest and most costly data breaches have been directly tied to company employees."
Gilbert said it’s critical for businesses to have systems in place that manage the risk of insider threats while also allowing necessary access for employees. Strengthening controls over permanent employee and contractor access privileges could accomplish that goal, Gilbert said.
With the survey showing 15 percent of Americans are connecting into their employer's network through mobile devices, that potential security breach needs to be considered as well, Gilbert said.
"A disgruntled employee can do a lot of damage from a mobile device before he or she even reaches the elevator," Gilbert said. "As part of a successful identity governance strategy, companies must have the ability to immediately revoke all access privileges, including access to private Intranet or portals.”
Conducted this spring, the study surveyed more than 3,400 employees in the United States, Great Britain and Australia.