A Loudhouse survey on enterprise security practices reveals that 35 percent of employees would sell information on company patents, financial records and customer credit card details if the price was right. This illustrates the growing importance for organizations to deploy data loss prevention strategies and technology to safeguard data from both the malicious and inadvertent insider threats.
The survey polled more than 500 internet technology decision makers and 4,000 employees in the United States, Europe, and Australia, and discovered that:
- 25 percent of employees would sell company data, risking both their jobs and criminal convictions, for less than $8000
- 3 percent of employees would sell private information for as little as $155
- 18 percent would accept an offer of $1550
- 35 percent of employees were open to bribes as the offer reached $77,500
- 65 percent of employees said they wouldn’t sell data for any price.
“While people are generally taking security more seriously there is still a significant group of people who are willing to profit from selling something that doesn’t belong to them,” said Heath Davies, CEO at Clearswift. “This information can be worth millions of dollars. A case in point of the true value of data is the recent Ashley Madison hack, the effects of which have been monumental.”
The opportunity to sell valuable information is exacerbated by the ready access most employees have to it with 61 percent of respondents stating that they had access to private customer data, 51 percent had access to financial data, such as company accounts or shareholder information, and 49 percent had access to sensitive product information, such as planned launches and patents.
The survey concluded that attitudes toward data security are mixed, with only 29 percent saying that company data was their personal responsibility and 22 percent saying they did not feel it was their responsibility at all.
“It is not good business to live in fear of your employees, especially since most can be trusted,” said Davies. “Getting the balance right has always been hard. But truly understanding where the problems come from, combined with advances in technology which can adapt to respond differently to different threats, really changes the game here.”