A new report from Intermedia and Osterman Research found a disturbing set of trends: 89 per cent of employees retained passwords after they left work, and a substantial number used them for accessing company files, reputation and even money. They found 45 per cent retained access to confidential or highly confidential files, as recorded in a survey; 68 per cent were storing workfiles in personal storage websites – and 24 per cent still have access to the company’s Paypal account, though there was no figure on how many might still use it. While this presents obvious risk in the form of theft of data and actual money, there is also the potential for naive file deletion from employers, or even intentional from disgruntled redundancies. Ex-employees are also very likely to place less security over their passwords than a company might, and thus this important passwords are more vulnerable to hackers. “If an employee stores sensitive or confidential data in personal Dropbox or Google Drive accounts, then this data is potentially accessible by outsiders the day the person becomes an ‘ex-employee’,” says Michael Osterman, president of Osterman Research. “In many cases, this runs afoul of data breach notification laws.” Intermedia, a cloud services provider, suggests that passwords be taken from employees during an exit interview and then changed for the relevant accounts. Businesses can also implement rigorous access management and IT offboarding processes, and utilise a single sign-in procedure to cut down time spent offboarding and employee. Image source
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.