A study of people who left or lost their jobs in 2008 found close to 60 percent kept corporate data after leaving. The survey, performed by the Ponemon Institute and sponsored by Symantec, included more than 900 responses and found that many of those who took the data did so by stealing paper documents and hard files.
Sometimes employees walk out with more than their walking papers when they clock out for the last time.
A study by the Ponemon Institute found that more than 59 percent of
those surveyed kept corporate data after leaving their jobs. The
survey, which was sponsored by Symantec, included responses from 945
adult employees who had lost or left a job in 2008.
The most commonly stolen pieces of information
e-mail lists and non-financial business information, taken by 65 and 45
percent, respectively, of the respondents who took something.
Thirty-nine percent admitted taking customer information such as
Among those who stole data
, more than half said they did so because
they thought it would be useful in the future - for example, at their
new job. Roughly 60 percent of those who kept data had an unfavorable
view of their company, and thirty-seven percent of the
survey's participants said they left because they were fired.
Thirty-eight percent, meanwhile, said they simply found a new
job, while another 21 percent left because they were
Are they employees from hell? Maybe. But either way, Larry Ponemon,
chairman of the Ponemon Institute, found the statistics surprising.
"I'm not sure that malicious intent and future employment are
mutually exclusive," he said. "Clearly the responses show that
obtaining future employment was a significant motivating factor, but
when we see a high percentage of individuals who took information
knowing full well they were acting in violation of company policy, that
hints strongly at the presence of malice."
Sixty-one percent of the employees who stole business information
took it in the form of paper documents or hard files. The next most
popular method was downloading data onto a CD or DVD, which was done by
53 percent. Just fewer than 40 percent did it by sending documents as
attachments to a personal e-mail account.
Equally troubling from an IT security perspective is that almost a
quarter of the participants had the ability to access data even after
they left the company, with 32 percent of these respondents admitting
they accessed the system and their credentials worked.
"Most of this data loss is preventable," said Rob Greer, senior
director of product management for Symantec Data Loss Prevention.
"While the majority of data loss is still due to accidental insider
actions or broken business processes, this survey highlights
preventable issues exacerbated by a slowing economy."