Welcome to the new ZDNet! Give feedback or learn more about our updated design here. Or, return to the classic view.

Symantec report: Many employees are OK with stealing corporate data

Here's a headache that IT managers probably already knew about but can now confirm: a lot of employees don't care about protecting corporate data.

Symantec has published some new figures from a global survey that might unnerve many CIOs and IT managers out there.

Based on Symantec's report, What's Yours Is Mine: How Employees are Putting Your Intellectual Property at Risk, the bottom line is that most employees don't worry much about the security of corporate data -- and many of them are just fine with stealing it.

Here are some of the specifics:

  • 50 percent of employees who left or lost their jobs in the last year have kept confidential corporate data, and 40 percent of them admitted to planning to use that content in their new jobs.
  • 56 percent of employees don't believe it's a crime to use a competitor's trade secret information.
  • 44 percent think that a software developer who develops source code for a company has some ownership in his or her work and inventions.
  • 42 percent don't believe it's a crime to reuse those source codes, without permission, in projects for other companies.

One of the problems here might simply be lack of awareness.

For example, researchers found that 62 percent of employees thought it was "acceptable to transfer work documents to personal computers, tablets, smartphones or online file sharing applications." Symantec added that most of them don't bother deleting the data because "they do not see any harm in keeping it."

This could all possibly translate to BYOD (bring your own device) and using other devices for work-related purposes at other times.

Thus, like with security issues surrounding social media and personal devices in the workplace, a little education could go a long way in turning around these concerns -- at least to some extent.

Along with more IT policy education and training, Symantec suggested implementing a data protection policy for monitoring IP usage as well as requiring employees to sign non-disclosure agreements.

For reference, the survey, which was conducted by The Ponemon Institute in October, polled 3,317 individuals in six countries: the United States, United Kingdom, France, Brazil, China and South Korea.

zdnet-symantec-Insider-Threat-infographic-Rev-J-2013-02-06

Image via Symantec

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All