Research shows that over half (59 percent) of the UK workforce is actively looking for a new job in 2016*. Ilex International’s report, ‘Staff migration: The security impact to businesses’, emphasises the importance of controlling access to systems and sensitive data especially when employees leave.
Our recent YouGov research found that 39 percent of large businesses take up to a month to close dormant accounts, leaving the door wide open to opportunistic hackers and disgruntled former employees. Large businesses performed better than small and medium size businesses, with 58 percent removing access to data on or before the day of departure, compared to 56 percent of medium and 32 percent of small businesses.
Disgruntled employees or partners are unlikely to wait until a month after leaving to access confidential company information. Access is likely to be sought in a matter of days. The research findings highlight the importance of having a system in place that helps close inactive accounts immediately.
Ilex International recommends five best practices for controlling account access and minimising the security risks of a shifting workforce:
- With employees and contractors constantly moving, it is crucial to shut down inactive accounts fast, along with removing any associated access rights. By closing dormant accounts, businesses are removing a possible entry point for cyber criminals.
- When it comes to security, there is no such thing as zero risk so it’s key for businesses to focus on protecting critical data. By being aware of what the most sensitive data is, companies can ensure it is available only on a need-to-know basis.
- Access to data should be closely tracked and audited to ensure only users who are meant to access critical data have permission to do so. Processes have to be in place if any anomalies occur.
- Companies should implement a strong Identity and Access Management solution. Identity and Access Management is the foundation of a secure system, enabling companies to easily identify and manage their user base and control who has access to their data.
- Companies can also minimise risks by educating employees on the importance of cyber security and the impact a breach can have. Lack of employee education was cited as a key reason for security breaches by 15 percent of respondents in the Breach Confidence Index. With the workforce constantly shifting, this has to be done on a regular basis in order to be efficient.
Click here to find out more about Ilex International’s research into account access and for more information on what you can do to make sure your company’s data is protected.