News Feature | January 22, 2015

Survey Shows 20 Percent Of Employees Going Rogue With Corporate Data

Christine Kern

By Christine Kern, contributing writer

Survey Shows 20 Percent Of Employees Going Rogue With Corporate Data

A recent SailPoint Market Pulse Survey revealed that one in five employees has uploaded proprietary corporate data to a cloud application, such as Dropbox or Google Docs, with the specific intent of sharing it outside of the company.

Further, the survey found a “clear disconnect” between cloud usage across the business and existing IT controls, and almost two-thirds of users reported being able to access information via those cloud storage applications after separation with their employers. Even more striking, 25 percent admitted that they would take copies of corporate data when they left even while 60 percent of employees knew that such action was forbidden by their employers.

Such rogue activity points to gaps in IT security that need to be addressed. Not only must corporations be proactive against attacks from external enemies; they must also be vigilant against behaviors from current and former employees.

Business Solutions discussed the dangers of rogue and shadow apps, stating that shadow cloud services now pose a growing risk to enterprises, as SaaS (Software-as-a–Service) apps are growing rapidly and can jeopardize enterprises if they are not addressed. And Business Solutions Magazine reported that a recent survey by NTT Com Security also demonstrated that only about one-third of data is completely secure, according to U.S. executives. Over half of the senior executives surveyed included competition and business growth as significant business challenges, while less than one third (29 percent) included data security, revealing an alarming disconnect between policy and behavior and showcases a need for education about data security among business leaders.

The SailPoint 2014 Market Pulse Survey queried 1,000 office workers at large companies with more than 3,000 employees in order to measure employee attitudes toward protecting corporate digital assets. Companies polled were located in Australia, France, Germany, the Netherlands, the United Kingdom, and the United States.

The results revealed that just 28 percent of respondents’ corporate policies clearly define who is granted access to mission-critical SaaS apps. Thus, SailPoint asserts, “The survey showcases the complex challenge companies face when trying to manage applications outside of IT’s control, as well as the risk of massive security breaches and internal theft faced by companies.”

“The survey results are an eye opener of how cloud applications have made it easy for employees to take information with them when they leave a company,” Kevin Cunningham, founder and president, SailPoint said in a blog post. “With almost 20 percent of employees purchasing a cloud application for work without involving the IT departments, combined with the ability for employees to use consumer cloud apps for work activities, it’s virtually impossible to manage access to applications and the sharing of mission-critical data. In order to establish control over this ‘bring your own app’ phenomenon, it’s critical to provide specific incentives for end users to follow corporate policy such as offering users a seamless login experience in exchange for using a central access control framework.”

The complete results of the 2014 Market Pulse Survey are detailed in an infographic “Employees Going Rogue with Corporate Data,” which is available for download here.