Your Fired Employees Are Stealing Your Data

from the taking-more-than-a-stapler dept

It probably shouldn't come as a big surprise that a new study says 60 percent of employees keep corporate data after they leave a job. The most common types of retained data are things like contact lists and non-financial information, with the ex-employees usually thinking it will help them in their next job. While this sort of stat will probably get blamed on the state of the economy, it's likely that rising unemployment probably only exacerbates it. A more worrying stat from the study is that a quarter of respondents said they were able to access data on their former employers' computer networks after they left the company. This corresponds to earlier research saying that "malicious insider" attacks are on the rise as the number of disgruntled employees and ex-employees grows. With so many companies focused on cutting costs by reducing headcount, effective data security could also fall by the wayside.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Rose Garcia, Feb 23rd, 2009 @ 7:22pm

    Couldnt this also called an off-site backup? /sarcasm


    But honestly though, some employers of small companies actually offer to continue paying a (not fired, but just had no more work available for that person - or could not continue to pay them as much as they wanted) former-employee's health insurance in exchange for that employee performing a regular data backup every few weeks and keeping that data off-site. It's better than being unemployed, without health insurance and could also be great for helping to keep connections to future employers in the same business industry.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Anonymous Coward, Feb 23rd, 2009 @ 7:35pm

    Link is down?

    Sixty percent sounds a bit high, perhaps they have something to sell? Nothing sells new security stuff like a bit of scare tactic.

    Should I have to delete the code I wrote at home, on my own time, but then took to work in order to make my job a bit easier?

    What about all the new and cool stuff I learned at work? Would I have to forget it?

     

    reply to this | link to this | view in thread ]

  3.  
    icon
    ChurchHatesTucker (profile), Feb 23rd, 2009 @ 7:47pm

    BSA

    Isn't this the BSA's business model?

    Or have they patented a "method of pillaging a former employer?"

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Overcast, Feb 23rd, 2009 @ 8:03pm

    What about all the new and cool stuff I learned at work? Would I have to forget it?

    I think if many groups had their way - yes.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Anonymous Coward, Feb 23rd, 2009 @ 8:07pm

    I left my employer 8 months ago...but they failed to disconnect my phone where I can still check voice mails and can still dial in to the network. What is even more amazing is that it went Ch. 11 last week and I can still do this today. I haven't stolen any data or used my access other than to see if they have disconnected me yet...apparently they laid off the people responsible for overseeing this stuff.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Kevin, Feb 23rd, 2009 @ 8:13pm

    Re: Link is down?

    Sixty percent sounds a bit high, perhaps they have something to sell?

    That could be the case. Or the threshold of "taking your employer's data with you" is ridiculously low. The post mentions "contact lists". I know that every time I've left a job I've exported my contacts from Outlook (not the entire address book, just my personal contacts) and taken them with me. Most of the time they are vendor contacts, but they've proven useful in the future. Also, a lot of times someone will take an export of their email box and copies of any archives. In some cases it could be about stealing secrets/business, but in others it could simply be a case of CYA. If your employer deletes your email 30 days after you leave, you have no way to prove that you sent a particular message is a question comes up later unless you kept a copy.

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Stefanie, Feb 23rd, 2009 @ 8:38pm

    I thought 60% sounded LOW...

    I don't know any halfway intelligent, career-minded person who DOESN'T take a list of contacts with them, and most people I know take some form of company data that will show their achievements or provide a sample of their work.

    Still, the article is way overblown. People are stealing far more valuable information in their brains than what they're taking out on disks and paper, in most cases.

     

    reply to this | link to this | view in thread ]

  8.  
    icon
    Adam Wasserman (profile), Feb 23rd, 2009 @ 9:32pm

    Stealing?

    I would think that a Techdirt writer would know better than to use the word stealing here... there is no theft in this story.

    If there was a confidentiality agreement, then there is breach of contract. If there was no confidentiality agreement...

    There is no such thing as ownership of data.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    John Duncan Yoyo, Feb 24th, 2009 @ 5:01am

    People take information in their heads

    What about the information that people carry around in their heads? What is to stop them from call Sid at Amalgamated Widgets after looking his contacts online and offering him a cheaper better stapler than the one you had been selling for your previous employer?

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    jon, Feb 24th, 2009 @ 5:16am

    theft of service

    A bit off topic, but, how about an X-employee that uses a company login for an online service, or continues to use say their company vonage line. I thought I had all the bases covered on removing logins and changing passwords only to find an X-employee who now works for the competition using an aftermarket automotive tech service to obtain wiring diagrams on a company login. Add another password to change anytime someone leaves the company list. Funny part is that he was not supposed to have access to that service even when he was here (the co worker who gave it to him has been appropriately admonished). A lot more than one kind of data that an x-employee can take with them. So, what is theft and what isn't? Let's take it a step further......what is prosecutable and what isn't?

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    :Lobo Santo, Feb 24th, 2009 @ 6:22am

    Your Fired Employees Are Stealing Your Data

    Yes vato, yes we are.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Overcast, Feb 24th, 2009 @ 6:34am

    This is where a stable and loyal IT staff pays off.

    But that's ok, keep outsourcing. It's a wonder this question didn't come up sooner.

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    batch, Feb 24th, 2009 @ 9:47am

    Hi, lets work together

    I'm part of an outsourced IT Department and all too often, one of our customers will lose an employee for whatever reason and they don't notify me so I can change their passwords and disable accounts as needed. To make things even better many of these people have VPN access or RDP access. You try and explain the need to communicate that someone left the company to us, but some people just don't get that its a huge risk to wait.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This