New Study from OneLogin Reveals that a Great Number of Ex-Employees Continue to Exploit Company Applications
The survey reveals that a leak of data has increased to 20% because of failure to deprovision employees.
In spite of the fact that companies pay more attention to security sphere, a new investigation from the identity management provider OneLogin proved that still there is a lack of attention in many businesses to critical threats issues brought on by ex-employees – San Francisco, Calif., July 13, 2017.
500 IT specialists completed the quantitative survey, which is the basis of the mentioned above investigation. Every respondent works in a corporate IT department and is responsible for a certain sphere of the company security. Provision and deprovision employees’ logins in-house were also represented by all companies.
20 % of the respondents said that failure to deprovision employees from corporate applications is one of the main reasons for a data breach in their companies. The investigation also shows that practically half of the questioned know about the activity of ex-employees’ accounts for more than one day even after their leaving. 25% of respondents take up more than a week to deprovision an ex-worker and a quarter even don’t know the period of time during which accounts remain active.
The research reveals that 44% of respondents are not confident in the removal of ex-workers from the company networks. So, there is a great need for companies to use a security information and event management (SIEM) system. It is a wonderful assistant in monitoring employees’ usage of apps to prevent threats to the company network. A SIEM solution plus company’s identity and access management system are considered to be an effective security layer.
Alvaro Hoyos, chief information security officer, OneLogin emphasized that the big problem is that many companies don’t follow essential security measures. The company leaders should concern about the fact that ex-employees are one of the main reasons of a data leak. So, modern enterprises need technology that can automate the provisioning processes for companies’ security, productivity and efficiency.