In a recent study, Beyond Identity gathered responses from former employees across the United States, the United Kingdom, and Ireland and found 83% of employees admitted to maintaining continued access to accounts from a previous employer. The cybersecurity threat this poses is coupled with the fact that 56% of these employees said they had used this continued digital access with the specific intent of harming their former employer.
Ongoing access to sensitive information paired with frequently malicious intent spelled disaster for these former employers. When the survey turned to focus specifically on responses from managers and business leaders, 74% admitted their company had been negatively impacted by a former employee breaching their cybersecurity.
The most common hacks and infractions included logging into corporate social media (36%), looking through company emails (32%), and taking company files and documents (31%). More than one in four former employees even went so far as to log in to the back end of the company’s website.
The process of preventing former employees maintaining access to accounts
Results were gathered from currently employed persons, all of whom had previously left a single position. Their locations varied, as did their industries, levels of employment, and genders. However, in spite of this variance, responses were alarmingly similar and revealed a risk to employers globally.
Fortunately, there was a saving grace for companies. According to the survey, a professional, detailed offboarding process could accomplish two important things: prevent unauthorized access by former employees by eliminating their passwords and other insecure authentication methods, and simultaneously generate goodwill, thereby lessening the motivation to harm a former employer.
The study also revealed that the United States was much more likely to execute such an effective offboarding process, compared with companies based in the United Kingdom or Ireland.
employees, old employer’s accounts
- IS 27001 Lead Implementer
- IS 27001 Foundation
- IS 27001 Lead Auditor
- CCISO – Certified Chief Information Security Officer
- Cybersecurity Professional
- Cybersecurity Lead Implementer
- Cybersecurity Lead Auditor
- CEH – Certified Ethical Hacker
- CHFI – Computer Hacking Forensic Investigator
(2022) 83% of employees continue accessing old employer’s accounts. Recovered on 29 March 2022 https://www.helpnetsecurity.com/2022/02/21/employees-maintaining-accounts-access/