Some 12% of workers take buyer particulars, well being data, gross sales contracts and different confidential knowledge when leaving an organization, in response to DTEX.
A former worker may attempt to promote account credentials from their earlier employer over the darkish internet. A present worker may document a confidential presentation by the CEO after which ship a hyperlink to that recording to the press. An present worker may share a buyer record with a 3rd social gathering, which then was supplied on the market to a competitor. These are only a few incidents of information theft and insider threats investigated by workforce safety supplier DTEX all through 2022.
Launched on Thursday, DTEX’s 2023 Insider Danger Investigations Report examined the scope of worker attrition and knowledge theft for 2022. To generate its report, the corporate checked out a whole bunch of investigations carried out by the DTEX Insider Intelligence and Investigations crew for the yr. The outcomes level to a rise in company IP and knowledge theft.
Leap to:
What enterprise knowledge are workers stealing?
The i3 crew investigated virtually 700 circumstances of information theft by departing workers; this was twice as many circumstances as 2021. Primarily based on the incidents, DTEX decided that 12% of workers take delicate data with them once they go away an employer. The stolen data included buyer knowledge, worker knowledge, well being data and gross sales contracts.
However, the 12% doesn’t bear in mind non-sensitive knowledge, equivalent to templates and shows; based mostly on anecdotal proof, DTEX mentioned it believes that greater than half of departing employees go away with any such knowledge.
How are workers stealing knowledge?
Workers use a couple of totally different strategies to seize company knowledge, together with screenshots, recordings, and syncing to non-public units or accounts. As only one instance, the worker who despatched a hyperlink of the CEO’s presentation to the press used a display screen recording device to seize the confidential knowledge after which uploaded the recording to a private account.
What components contribute to workers’ knowledge theft incidents?
Worker termination was a serious contributor to knowledge theft and system sabotage final yr. In most of the circumstances the DTEX crew investigated, workers who had been terminated nonetheless had some sort of entry to their company accounts, even after they’d been laid off. In some circumstances, present workers supplied company knowledge or account credentials to their former colleagues with out even understanding they’d been terminated.
SEE: Entry administration coverage (TechRepublic Premium)
Other than departing workers, present employees can pose a menace. Some workers keep aspect gigs for which they use their company units. The unsanctioned use of third-party work on such units rose virtually 200% final yr. And in a shadow IT situation, using unsanctioned functions elevated by 55% over the identical time.
Worker knowledge theft warning indicators
To catch workers who might attempt to document or copy delicate data, DTEX suggests being looking out for sure early warning danger indicators. These embody:
- The anomalous use of display screen or video recording software program at video conferences.
- Any analysis carried out on easy methods to skirt previous safety controls.
- The usage of private file providers, equivalent to Google Drive or Dropbox.
- Saving delicate shows as pictures.
To cease workers who could also be utilizing company units or functions inappropriately, DTEX suggests searching for some warning indicators. These embody:
- Uncommon browser exercise accessing websites not utilized by the final worker inhabitants.
- Signing into private social media accounts to hide exercise.
- Utilizing a number of non-corporate webmail accounts.
- Administrative entry to accounting techniques not associated to their job.
- Uncommon use of private file sharing websites.
Learn how to forestall worker knowledge theft incidents
To guard your group towards knowledge theft and related threats, DTEX gives the next suggestions:
- Arrange insurance policies that clearly outline the distinction between the non-public use and company use of information, units, networks and different property. Be certain these insurance policies are conveyed to workers, whether or not they’re new, present or departing.
- Implement a zero-trust mindset when eradicating knowledge entry for departing workers. All the time assume that there will likely be some remaining entry to delicate knowledge and techniques after an worker leaves. Flip to instruments that can create a full audit path ought to an issue come up.
- Perceive that expertise received’t be 100% efficient in thwarting knowledge theft. That’s why it’s worthwhile to focus in your insurance policies on this space and maintain evaluating your present procedures for departing workers.
- Be proactive by trying on the early warning indicators of malicious intent and never simply precise incidents.
- Preserve a trusted insider relationship with workers. Respect their privateness, talk insurance policies about knowledge entry and supply assist quite than suspicion.
Learn subsequent: 10 greatest worker monitoring software program for 2023 (TechRepublic)
