Data Threat: Your Ex-Employees

Despite increasing cyber-security awareness at companies of all sizes, many businesses are not doing enough to guard against security threats brought on by ex-employees, according to a new study from identity management provider OneLogin.

The company surveyed 500 US-based IT decision makers, and 20 percent of the respondents said failure to de-provision employees from corporate applications has contributed to a data breach at their organisation.

The research found that nearly half (48 percent) of respondents are aware of former employees who still have access to corporate applications, with 50 percent saying ex-employee’s accounts remain active once they have left the company for longer than a day.

One quarter (25 percent) of respondents take more than a week to deprovision a former employee and the same percentage said they don’t know how long accounts remain active once the employee has left the company.

The study finds close to half (44 percent) of respondents, lack confidence that former employees have been removed from corporate networks at all.

“The bottom-line is that companies aren’t following very basic but essential security measures around employee provisioning and deprovisioning,” said Alvaro Hoyos, chief information security officer at OneLogin. “This should be a cause for concern among business leaders, especially considering how many data breaches are caused by ex-employees.”

Information-Management:

You Might Also Read:

Employees That Cause Data Breaches:

Safeguard Data When Employees Leave:

 

« IoT Is Becoming A Nightmare For IT
British Innovation Lags Behind France & Germany’s »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Black Hat Briefings

Black Hat Briefings

The Black Hat Briefings are a series of highly technical information security conferences that bring together thought leaders from all facets of the infosec world.

CLUSIF

CLUSIF

Clusif is the reference association for digital security in France. Its mission is to promote the exchange of ideas and feedback through working groups, conferences and publications.

Snyk

Snyk

Snyk is the leader in developer security. We empower the world’s developers to build secure applications and equip security teams to meet the demands of the digital world.

Griffiss Institute (GI)

Griffiss Institute (GI)

GI's primary role is to advocate and facilitate the co-operation of private industry, academia, and the Air Force Research Laboratory in developing solutions to critical cyber security problems.

C2SEC

C2SEC

C2Sec provides an innovative analytics platform that assesses and quantifies cyber risks in financial terms based on combining patented big data, AI, and cybersecurity technologies.

Siemens

Siemens

Siemens Industrial Security Services provide solutions for cybersecurity in automation environments based on the recommendations of the international standard IEC 62443.

Brace168

Brace168

Specialising in Cyber Security incident identification and response, Brace168 is uniquely positioned to provide a vast experience in managed security services to meet the needs of all business types.

Winbond Electronics

Winbond Electronics

Winbond is a Specialty memory IC company. Product lines include Code Storage Flash Memory, TrustME® Secure Flash, Specialty DRAM and Mobile DRAM.

Raxis

Raxis

Raxis is a cybersecurity company that hacks into computer networks and physical structures to perform penetration tests, assessing corporate vulnerability to real-world threats.

Triaxiom Security

Triaxiom Security

Triaxiom Security offers penetration testing, security audits, and strategic consulting customized to meet your needs.

KSOC Labs

KSOC Labs

KSOC is an event-driven SaaS platform built to automatically remediate Kubernetes security risks.

Dataminr

Dataminr

Dataminr Pulse helps organizations strengthen business resilience with AI-powered, real-time risk and event discovery—and the integrated tools to manage responses.

Readynez

Readynez

Readynez is the digital skills concierge service that helps you ensure your workforce has the tech skills and resources needed to stay ahead of the digital curve.

Zluri

Zluri

Zluri is a cloud-native SaaSOps platform enabling modern enterprises with SaaS Management and Identity Governance.

ELK Analytics

ELK Analytics

ELK Analytics is a specialized Managed Security Services Provider (MSSP) that focuses on endpoint security and monitoring & alerting for any type of structured or unstructured data.

Simpson Associates

Simpson Associates

Simpson Associates is a Data Transformation and managed services provider that helps organisations gain valuable insights from their data and make better-informed decisions.