Some 12% of workers take buyer particulars, well being information, gross sales contracts and different confidential knowledge when leaving an organization, in line with DTEX.
A former worker might attempt to promote account credentials from their earlier employer over the darkish internet. A present worker might document a confidential presentation by the CEO after which ship a hyperlink to that recording to the press. An present worker might share a buyer record with a 3rd celebration, which then was supplied on the market to a competitor. These are just some incidents of knowledge theft and insider threats investigated by workforce safety supplier DTEX all through 2022.
Released on Thursday, DTEX’s 2023 Insider Risk Investigations Report examined the scope of worker attrition and knowledge theft for 2022. To generate its report, the corporate checked out a whole lot of investigations performed by the DTEX Insider Intelligence and Investigations workforce for the 12 months. The outcomes level to a rise in company IP and knowledge theft.
Jump to:
What enterprise knowledge are workers stealing?
The i3 workforce investigated virtually 700 circumstances of knowledge theft by departing workers; this was twice as many circumstances as 2021. Based on the incidents, DTEX decided that 12% of workers take delicate data with them after they depart an employer. The stolen data included buyer knowledge, worker knowledge, well being information and gross sales contracts.
But, the 12% doesn’t take note of non-sensitive knowledge, reminiscent of templates and displays; primarily based on anecdotal proof, DTEX mentioned it believes that greater than half of departing employees depart with the sort of knowledge.
How are workers stealing knowledge?
Employees use just a few totally different strategies to seize company knowledge, together with screenshots, recordings, and syncing to non-public units or accounts. As only one instance, the worker who despatched a hyperlink of the CEO’s presentation to the press used a display recording software to seize the confidential knowledge after which uploaded the recording to a private account.
What elements contribute to workers’ knowledge theft incidents?
Employee termination was a significant contributor to knowledge theft and system sabotage final 12 months. In lots of the circumstances the DTEX workforce investigated, workers who had been terminated nonetheless had some kind of entry to their company accounts, even after that they had been laid off. In some circumstances, present workers offered company knowledge or account credentials to their former colleagues with out even realizing that they had been terminated.
SEE: Access administration coverage (TechRepublic Premium)
Aside from departing workers, present employees can pose a risk. Some workers preserve aspect gigs for which they use their company units. The unsanctioned use of third-party work on such units rose virtually 200% final 12 months. And in a shadow IT state of affairs, the usage of unsanctioned functions elevated by 55% over the identical time.
Employee knowledge theft warning indicators
To catch workers who could attempt to document or copy delicate data, DTEX suggests being looking out for sure early warning danger indicators. These embrace:
- The anomalous use of display or video recording software program at video conferences.
- Any analysis performed on tips on how to skirt previous safety controls.
- The use of non-public file companies, reminiscent of Google Drive or Dropbox.
- Saving delicate displays as photographs.
To cease workers who could also be utilizing company units or functions inappropriately, DTEX suggests on the lookout for some warning indicators. These embrace:
- Unusual browser exercise accessing websites not utilized by the final worker inhabitants.
- Signing into private social media accounts to hide exercise.
- Using a number of non-corporate webmail accounts.
- Administrative entry to accounting programs not associated to their job.
- Unusual use of non-public file sharing websites.
How to stop worker knowledge theft incidents
To defend your group towards knowledge theft and comparable threats, DTEX provides the next suggestions:
- Set up insurance policies that clearly outline the distinction between the private use and company use of knowledge, units, networks and different property. Make certain these insurance policies are conveyed to workers, whether or not they’re new, present or departing.
- Implement a zero-trust mindset when eradicating knowledge entry for departing workers. Always assume that there will likely be some remaining entry to delicate knowledge and programs after an worker leaves. Turn to instruments that can create a full audit path ought to an issue come up.
- Understand that know-how received’t be 100% efficient in thwarting knowledge theft. That’s why that you must focus in your insurance policies on this space and maintain evaluating your present procedures for departing workers.
- Be proactive by trying on the early warning indicators of malicious intent and never simply precise incidents.
- Maintain a trusted insider relationship with workers. Respect their privateness, talk insurance policies about knowledge entry and supply help fairly than suspicion.
Read subsequent: 10 greatest worker monitoring software program for 2023 (TechRepublic)