Large organizations take risks with network security
- Published: Tuesday, 14 June 2016 14:15
A new survey amongst IT decision makers in UK businesses with one thousand or more employees reveals that 49 percent of respondents admit to retaining access to their employer’s network, often for many months after leaving the company. The survey commissioned by Protected Networks, highlights the poor track record of businesses in removing access rights for employees that have left the business. The survey, conducted by independent market research company Vanson Bourne, finds that three quarters of the 49 percent who retained access, had used their permissions to access their former employer’s network - some admitting to doing so on multiple occasions and for up to a year.
The relaxed attitude of businesses to closing off network access to former IT employees is further evidenced by the fact that just 57 percent of businesses that noticed the fact still failed to remove access rights.
Keith Maskell, country manager at Protected Networks commented: “The findings reveal an astonishingly liberal attitude of UK businesses to managing access to data on the corporate network, particularly if we bear in mind that this may potentially include granting access to valuable data like intellectual property, credit card data or sensitive private data about employees or clients”. He added: “Perhaps in some cases companies do not consider that their ex-employees are a threat, or administration staff are too overloaded to make systems changes on time, but in fact this common failure to remove data access rights creates a serious security vulnerability that can be exploited later by hackers, if not by the ex-employees themselves”.
65 percent of those with access to their former employer’s network retained access at a ‘user’ level whilst 22 percent held ‘administrator’ level access rights, giving them the ability to control or escalate access to network resources for both themselves and others. A convincing majority (83 percent) of IT respondents to the survey agreed that network access rights should be easier to manage and better monitored (80 percent) and 76 percent said that that network access rights should be given a higher priority and focus of attention.
To download the full survey findings and infographics please click here.