Businesses exposing confidential data to ex-employees

Data breach

Just under one third (32 per cent) of UK companies have admitted that people who've left their employ still have access to confidential files and systems, meaning their business could be wide open to a major security breach.

However, the number is much higher in the US, where over half of all companies said outgoing employees were probably able to log into systems after leaving the organisation.

Almost half of respondents to the research carried out by Centrifyy said they had the processes in place to 'offboard' leavers, the same number again have access rights and password knowledge that would allow them to break into systems up to a week after they cease working at the company.

The news is surprising considering more than half of the 400 UK and US IT decision makers questioned have suffered a security breach, yet still aren't taking action to prevent ex-employees attacking the organisation.

However, Centrify said the biggest mistake companies are making is giving employees access to such sensitive data and systems in the first place.

"Giving employees elevated access to privileged accounts and the organisation's most critical data, applications systems and network devices is essentially giving them the keys to the kingdom'. It's the equivalent of providing the front door key to your house and you'd be very, very careful who you gave that to." Barry Scott, CTO of EMEA at Centrify said.

"The challenge is that modern enterprises have their infrastructure both on-premises and in the cloud, they have a mobile workforce and IT users may be their own employees, temporary contractors or from external companies. Privileged accounts are a very attractive target for hackers."

He explained it's surprising that senior IT decision makers think their organisations should do better when it comes to monitoring who has access to what data, especially when it's considered that there have been a number of high profile cases that have exposed the risks.

Clare Hopping
Freelance writer

Clare is the founder of Blue Cactus Digital, a digital marketing company that helps ethical and sustainability-focused businesses grow their customer base.

Prior to becoming a marketer, Clare was a journalist, working at a range of mobile device-focused outlets including Know Your Mobile before moving into freelance life.

As a freelance writer, she drew on her expertise in mobility to write features and guides for ITPro, as well as regularly writing news stories on a wide range of topics.