Go to the Globe and Mail homepage

Jump to main navigationJump to main content

Many employees think it’s okay to transfer corporate data to their personal computers, tablets or smartphones, in part because they attribute ownership of the data to the person who created it, rather than the company, the survey found. (Brian Jackson/Getty Images/iStockphoto)
Many employees think it’s okay to transfer corporate data to their personal computers, tablets or smartphones, in part because they attribute ownership of the data to the person who created it, rather than the company, the survey found. (Brian Jackson/Getty Images/iStockphoto)

SECURITY

Half of former employees take data when they leave, report finds Add to ...

A big source of theft of corporate data and trade secrets is former employees of the company, a research report said Wednesday.

The survey by the security firm Symantec Corp. found that half of employees who left or lost their jobs in the past 12 months kept confidential corporate data, and 40 per cent plan to use it in their new jobs.

More Related to this Story

“This means valuable intelligence is falling into the hands of competitors,” said Symantec’s Robert Hamilton in a blog post accompanying the report.

“Ultimately, this puts everyone at risk – the employee who takes the IP [intellectual property], the organization that invested in it and the new employer who unwittingly receives it. Everyone can be held accountable, and no one wins.”

Mr. Hamilton said it was “startling” that many employees “don’t think taking corporate data is wrong. Sixty-two per cent of employees think it’s acceptable to transfer corporate data to their personal computers, tablets, smartphones and cloud file-sharing apps. And once the data is there, it stays there – most employees never delete it.”

He added that “underlying this belief is a lack of understanding who owns the IP. The survey shows that employees attribute ownership of IP to the person who created it,” and that companies fail to clearly indicate that they own the data.

Symantec said the report highlights that corporate security must consider how to deal with the threats from within.

“Companies cannot focus their defences solely on external attackers and malicious insiders who plan to sell stolen IP for monetary gain,” said Lawrence Bruhmuller, Symantec’s vice-president of engineering and product management.

“The everyday employee, who takes confidential corporate data without a second thought because he doesn’t understand it’s wrong, can be just as damaging to an organization.”

In the know

Top videos »