Leaving a job isn’t as simple as returning company issued equipment and key cards anymore. More than a third of former employees still have access to their company data, according to latest research from Beyond Identity, a passwordless authentication platform provider.
Beyond Identity surveyed 1,121 employees and employers across Ireland, the U.K. and the U.S. to find out how exactly employees are using and/or misusing their continued access.
Of the respondents, 83% said that they still had access to the digital assets of their previous employer.
The information former employees most commonly took and still have access to are old email accounts (35%), work-related materials on a personal device (35% ), company social media accounts (31%), software accounts (31%), shared files or documents (31% ), accounts with a third party system (29%), other employees email account (27%), back end of employer website (25%), and access to companies financial information (14%).
Abuse of Access
The most common taken information from former employers is contact information for coworkers (31%), saved conversations with coworkers (30%), company ideas (27%), saved conversations with the employer (26%), notes on work completed (25%), contact information for clients (25%), company financial information (24%), process related documents (24%), passwords (24%), and pay stubs and tax information (14%).
Related: What is Zero Trust and How Do You Implement It?
Of the Beyond Identity survey respondents, 28% admitted they gained access to the back end of their previous company’s website row. The same amount also admitted to logging into someone’s email other than their own. When asked if they told their former employer about any of this access only 59% said yes.
Cyber Exit Risks
Fifty-six percent of respondents said that they had used their digital access to intentionally harm their previous employer. Among those who’d been fired, the statistic increased to 70%, according to Beyond Identity.
Of the 218 business leaders that Beyond Identity interviewed, nearly three quarters of them reported having been harmed by a previous employee. Thirty-nine percent said this included the employee accessing the company’s financial information, followed by 37% who mentioned them gaining unwanted access to emails.
More than a third said a disgruntled former employee had hacked into the back end of the company website, taking company files and/or accessed company software.
The research also revealed only half of employers are attempting to completely wipe a device after an employee’s departure.
When it comes off boarding, an IT specialist was only involved 9% of the time.
Every time a former employee logs onto the company network, they put their company’s digital security at risk.
It’s now more important than ever to have proper offboarding procedures and access policies in place.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!
Leave a Reply