November 19, 2017

Advertise with us
HOME Press Releases › Businesses Knowingly Leave Themselves Vulnerable to (...)

Businesses Knowingly Leave Themselves Vulnerable to Ex-Employees

Monday 17 July 2017

A new study by OneLogin, the identity management provider bringing speed and integrity to the modern enterprise, reveals that a large proportion of businesses fail to adequately protect their networks from the potential threat posed by ex-employees. The study disclosed that IT decision makers are aware that over half (58 per cent) of former employees still can access the corporate network. Also, nearly a quarter (24 per cent) of UK businesses have experienced data breaches by ex-employees.

The study, which surveyed more than 600 UK-based IT decision-makers with influence over their business’s IT security, highlighted the flaws in the security processes within many companies. Nearly all (92 per cent) of respondents admitted to spending up to an hour on manually deprovisioning former employees from every corporate application. Half (50 per cent) of respondents are not using automated deprovisioning technology to ensure an employee’s access to corporate applications stops the moment they leave the business. This deprovisioning burden may explain why over a quarter (28 per cent) of ex-employee’s corporate accounts remain active for a month or more.

Also, the study revealed 45 per cent of businesses don’t use a Security Information and Event Manager (SIEM) to audit for application usage by former employees, leaving vital corporate data exposed to potential leaks.

“The sheer level of data breaches revealed by our study, coupled with the revelation that many businesses are failing to put simple processes in place to promptly deprovision ex-employees, should raise serious alarm bells for business leaders,” said Alvaro Hoyos, Chief Information Security Officer at OneLogin. “Our study suggests that many businesses are burying their heads in the sand when it comes to this basic, but significant, threat to valuable data, revenue and brand image. There should be no excuse for this negligence, which will be brought further into the spotlight when the European Union’s General Data Protection Regulation (GDPR) comes into effect in 2018. GDPR makes data protection a legal requirement for organisations, which could face fines of up to €20 million or 4% of their annual turnover, depending on which is higher.” of the issue, they now need to take steps to fix this issue

“With this in mind, businesses should proactively seek to close any open doors that could provide rogue ex-employees with opportunities to access and exploit corporate data. Tools such as automated de-provisioning and SIEM will help close those doors with ease and speed, while also enabling businesses to manage and monitor all use of corporate applications. The first step is acknowledging the problem, which businesses now have done by confessing they are aware by utilising the available tools,” concludes Hoyos.

Print this page  Recommend this article  Reply to this article    Del.icio.us   Digg   Technorati

November, 2017
MonTueWedThuFriSatSun
  12345
6789101112
13141516171819
20212223242526
27282930   


Advertise with us

Login


Register here

Press Releases

Upload your PR here

Advertise with us