Dive Brief:
- More than one-quarter, 27%, of information security leaders don't monitor the data new employees bring to their organization, according to a Code42 survey of more than 1,000 information security leaders and 600 business decision-makers.
- Because employees feel "entitled to personal ownership" of work data, 63% bring data from previous employers to their new workplace. Nearly three-quarters of security leaders agree, saying employees don't just bring corporate data, but also anything they see as their work or ideas.
- Nearly 60% of security leaders say either they or a colleague have intercepted data with the potential of disrupting business, from a risk or legal standpoint.
Dive Insight:
Unintentional insider threats are a main cause of data breaches.
Similarly, the off-boarding process of an exiting employee is often unintentionally negligent. Job terminations, shared accounts, on- and off-boarding, authorization and inactive use are all factors in identity management.
During Code42's employee off-boarding process, the company runs down a checklist that includes data, access removal and return of corporate assets, Jadee Hanson, CISO and VP of information systems at Code42, told CIO Dive.
"Departing employees pose the greatest data exfiltration risk to employers and the impact of data loss can be significant," said Hanson. "It is important to remember that not all insider threats are malicious."
New employees at Code42 undergo security awareness training when hired and repeat it annually. The company also deploys phishing exercises monthly.
"One of the most critical elements of our insider threat program is our philosophy of transparency. We tell our employees about our program and have found that alone deters more internal risks than a covert insider threat program," she said.
Though it's likely companies go over proper data use during the on-boarding process, managing the data employees bring to — and take from — work is an ever-present risk, with legal, security, financial and reputation ramifications. Hanson suspects that the number of employees who bring former employer data to the workplace is higher than the 63% measured in the survey.
"To get a leg up and hit the ground running, new employees can potentially bring almost any data, including strategy documents, process information, or very sensitive proprietary schematics, source code or strategic initiatives," she said.