14 DAY TRIAL // Most employees are comfortable taking sensitive company files when leaving work, regardless of whether they're getting fired or are leaving on their own.
According to a study carried out by Biscom, a company specialized in file security services, employees feel a false sense of ownership over files they handle or they created at work, and often have no fear taking sensitive company data when moving to another job.
The survey reveals that one in four employees engaged in this behavior in the past, and the chances are high they would do it again.
A quarter of employees would steal files they did not create
While most employees said they would limit the data they take to their own files, 25% of the inquired subjects admitted they would also take data and files they did not create, 15% explaining this would be more likely if they were fired or laid off, rather than if they left on their own.
Of those who steal company data, for which they were responsible or created, 85% don't feel they're doing anything wrong.
The blame for this behavior is not only on the employees themselves but also on companies who fail to protect sensitive information.
Lack of internal security layers aids intellectual property theft
According to the study's subjects, 95% said that companies did not use any type of secure technology to safeguard sensitive files and intellectual property, nor did they have specific legally binding policies in place to deter such behavior.
Most of the time companies still rely on public services provided by Dropbox, Google, and standard email providers, with no other security layer on top. With no security system to alert companies when workers email files outside their work email, or when files are copied to thumb or external drives, employees are free to do whatever they want with the data.
"The survey’s results reveal employees as a big security hole," says John Lane, CISO of Biscom. "Companies can use this information to understand how they can protect their data. Whether it’s updating employee training, establishing stricter company policies to prevent data theft, or obtaining secure tools to store and track company data."