11th November 2015, London

IT decision makers admit it can take up to a month to terminate unauthorised access to the network, leaving thousands of orphan accounts open to attack.

Ilex International uncovers the reality of orphan accounts and the security risks posed for British businesses. Research, conducted by YouGov, found that while 58 percent of IT decision makers from large businesses surveyed terminated access of employees and partners on or before their day of departure, 39 percent took a few days to a month to close dormant accounts. This raises serious concerns for British businesses, leaving them open to a cyberattack, either by a malicious ex-employee, contractor, partner or an opportunistic hacker. 

24 percent of respondents from large businesses terminated access to dormant accounts ‘a few days after departure’, five percent waited up to a week, three percent within a fortnight and eight percent confessed to only removing access within a month after departure. Immediate termination on or before the day of departure is even less common among small and medium-sized businesses, where only 32 percent and 56 percent of respondents respectively follow this best practice.

"Disgruntled employees or partners are unlikely to wait until a month after leaving to access confidential company information. Access is likely to be sought in a matter of days. The findings highlight the importance of closing inactive accounts down straight away, rather than waiting around," warned Thierry Bettini, director of international strategy at Ilex International.

According to the Ministry of Defence, the cost of cybersecurity breaches to the UK economy roughly tripled over just the last year, amounting to £20 to 30 billion per year. Despite this figure being expected to grow, the research found that only 11 percent of businesses surveyed expect a data security breach in 2016. Large businesses were the most wary, with 30 percent expecting a breach, compared to 24 percent of medium and only six percent of small businesses.

"With the number of temporary workers expected to increase over the coming months, especially for retailers gearing up for Christmas, hiding from the truth is not an option. The research emphasises the need for greater awareness of the likelihood and consequences of a security breach. TalkTalk’s latest incident, along with other mega breaches, should be a wake-up call for businesses to be more effective in protecting sensitive information. Shutting down inactive accounts of former employees and contractors more quickly and removing any associated access can help to control unwanted access to confidential data and minimise risk of a security breach," said Bettini.

According to the Online Alliance Trust, almost one-third of data breaches in 2014 were caused either accidentally or maliciously by employees. Research published by the SANS Institute in April 2015 shows that while insider threats are a key concern for security professionals, 40 percent of businesses polled had no systems in place to address this concern, while 32 percent said they lacked appropriate policies and procedures to deal with insider threats.

Notes to editors
All figures, unless otherwise stated, are from YouGov Plc. Total sample size was 530 IT decision makers. Fieldwork was undertaken from 6th – 12th August 2015. The survey was carried out online.