Beyond Identity launches cyber risk of staff study

A Beyond Identity study shows former employees are likely to continue accessing old employer information after they have left

In a recent study, phishing-resistant multi-factor authentication (MFA) provider Beyond Identity gathered responses from former employees across the United States, the United Kingdom, and Ireland and found a vast majority of employees (83%) admitted to maintaining continued access to accounts from a previous employer. The cybersecurity threat this poses is coupled with the fact that more than half of these employees (56%) said they had used this continued digital access with the specific intent of harming their former employer. 

Ongoing access to sensitive information paired with frequently malicious intent spelled disaster for these former employers. When the survey turned to focus specifically on responses from managers and business leaders, 74% admitted their company had been negatively impacted by a former employee breaching their cybersecurity. 

The most common hacks and infractions included logging into corporate social media (36%), looking through company emails (32%), and taking company files and documents (31%). More than one in four former employees even went so far as to log in to the back end of the company’s website. 

Results were gathered from currently employed persons, all of whom had previously left a single position. Their locations varied, as did their industries, levels of employment, and genders. However, in spite of this variance, responses were alarmingly similar and revealed a risk to employers globally.

According to the survey, a professional, detailed offboarding process could accomplish two important things: prevent unauthorised access by former employees by eliminating their passwords and other insecure authentication methods, and simultaneously generate goodwill, thereby lessening the motivation to harm a former employer. The study also revealed that the United States was much more likely to execute such an effective offboarding process, compared with companies based in the United Kingdom or Ireland.

A Beyond Identity spokesman said: "The results of this study were ultimately quite shocking, with many respondents freely admitting to using their former company’s cybersecurity weaknesses to cause intentional harm. Leaders appear acutely aware of the issue and yet unsure of exactly how to improve security or practice effective offboarding procedures. It’s safe to say that relatively little is safe at headquarters in this era of mass employee departures.

"The best way to maintain security during these tumultuous times is to leave it to the professionals. According to the survey, a professional, detailed offboarding process could accomplish two important things: prevent unauthorised access by former employees by eliminating their passwords and other insecure authentication methods, and simultaneously generate goodwill, thereby lessening the motivation to harm a former employer. The study also revealed that the United States was much more likely to execute such an effective offboarding process, compared with companies based in the United Kingdom or Ireland."

To read Beyond Identity’s full findings and to hear steps on how to implement effective offboarding processes that protect your company’s assets, please visit the survey.

Share

Featured Articles

How secure is sensitive data stored in the cloud?

A Cloud Security Alliance (CSA) survey has found 67% of organisations store sensitive data in public cloud environments, but how secure is it?

CYBER LIVE LONDON: Day 2 highlights of the hybrid tech show

We take a look at highlights of the different stages at the Tech Live London show, including insights from Claroty, SalesForce and Oracle

TECH LIVE LONDON: An overview of the hybrid technology show

We take a look at the first day of Tech Live London with insights from technology leaders from companies such as IBM, Microsoft and Vodafone

Does a cashless society mean higher risk of fraud?

Cyber Security

5 minutes with Gary Brickhouse, CISO of GuidePoint Security

Cyber Security

CTO at Passbolt explains the importance of password managers

Application Security