Do your employees exit your company with confidential data?

A survey by systems security provider, Symantec, found that 53% of company employees do not believe businesses suffer any harm if they take data belonging to a company when they leave it.

Its report said:

“Over half do not believe that using competitive data taken from a previous employer is a crime. Employees attribute ownership of intellectual property (IP) to the person who created it.”

It went onto say:

Get our essential weekday HR news and updates. LinkedIn This field is for validation purposes and should be left unchanged. Work Email Keep up with the latest in HR... This field is hidden when viewing the form Optin_form This field is hidden when viewing the form Optin_date Year Month Day This field is hidden when viewing the form Batch_Newsletter

“When given the scenario of a software developer who re-uses source code that he or she created for another company, 42% do not believe it is wrong and that a person should have ownership stake in his or her work and inventions.

“They believe that the developer has the right to re-use the code even when that developer does not have permission from the company. These findings portray today’s knowledge workers as unaware that intellectual property belongs to the organisation.”

The Symantec report was based on information obtained through a Ponemon Institute survey of more than 3,300 people based in six countries, including the UK.

It reported that half of the survey respondents had admitted to taking confidential information from a former employer and that 40% said they would “use it in their new jobs”.

Commenting on these figures, the report stated:

“This means precious intelligence is also falling into the hands of competitors, causing damage to the losing company and adding risk to the unwitting receiving company.”

The report also revealed that 37% of employees transfer company IP into cloud storage without permission and that those individuals “rarely” ensure that the data is deleted after the transfer.

In addition to this, it discovered that confidential information has been transferred from company systems into personal email accounts by more than half of respondents, while 41% admitted to transferring it to personal devices.

To address the problem, Symantec suggests that companies must do more to educate employees about confidential information ownership rights and security, enforce non-disclosure agreements and using monitoring technology to track where IP goes and how it leaves the company.

It added:

“The attitudes that emerged from the survey suggest that employees are not aware that they are putting themselves and their employers at risk when they freely share information across multiple media.

“Most employees do not believe that transferring corporate data to their personal computers, tablets, smartphones, and cloud file-sharing apps is wrong.

“A third say it is OK as long as the employee does not personally receive economic gain, and about half justified their actions by saying it does not harm the company. Others blamed the companies for not strictly enforcing policies and for not proactively securing the information.”

It concluded:

“These findings suggest that employees do not recognise or acknowledge their role in securing confidential company data.”