A Survey of Data Theft by Departing Employees

The Ponemon Institute and Symantec Corp recently released findings from a joint survey on employee data theft. A web-based survey was conducted in January 2009, involving over 900 US participants who had left an employer within the preceding 12 months. The survey results showed that 59 percent of ex-employees admit to stealing confidential company information, such as customer contact lists. The types of information that are most commonly taken are: e-mail lists, employee records, customer information including contact lists, and non-financial information. The survey was conducted across a wide variety of industries. The highest percentage of survey responses came from the financial services industry. About 67 per cent of the participants admitted to taking information from their previous employer in order to leverage a new job, even though many employees sign non-disclosure agreements and could face a range of legal consequences for providing their new employers with misappropriated confidential information. Over 80% of the participants said their employers did not perform an audit or review of paper or electronic documents before the participant left their job. It seems clear that employers need to be more vigilant about sensitive company data. Some of the appropriate steps to take include implementing appropriate policies, requiring employees to sign, and later enforce, non-disclosure agreements, and protecting information through data loss prevention technologies. For further reading, see the Washington Post article on the survey: http://tinyurl.com/cnt5nw Summary by: Oren Weichenberg