Employees increasingly masking online activities

This year’s shift to a near 100% WFH workforce by the Global 5000 has significantly changed the behaviors of trusted insiders, a DTEX Systems report reveals.

Key findings include a 450% increase in employees circumventing security controls to intentionally mask online activities and 230% increase in behaviors that indicate intent to steal data.

The data was collected during interviews with hundreds of customers and Global 5000 organizations representing a diverse sample set of businesses that varied by size, industry, and geography.

“Our findings indicate that in 2020 the equilibrium of employee security and trust has been broadly disrupted and is currently in chaos,” said Mohan Koo, CTO at DTEX Systems.

“Trusted insiders once thought to be reliable and responsible are changing their behaviors and increasing the risk of data loss, external attack and regulatory compliance violations for their employers.”

Key findings

56% of companies reported remote workers actively bypassed security controls to intentionally obfuscate online activity. This is more than 4.5 times higher than 2019 which represents a 450% increase in the first eight months of 2020.

• More than 70% of the escalated incidents visible to the security and HR teams included at least one attempt to circumvent a second security control to exfiltrate data without detection.
• Companies reported remote workers most commonly attempted to intentionally bypass the corporate VPN to mask their online activities.

72% of companies surveyed saw data theft attempts by a departing employee wanting to take protected IP with them or a new employee looking to inject IP from a previous employer. This represents an increase of 2.3 times, or 230%, over similar behaviors seen in 2019.

Over 40% of incidents proactively detected flight risk behavior as well as abnormal reconnaissance or data aggregation activities.

The growth in premeditated data theft attempts and intentional activity masking behaviors by employees strongly suggests that companies are facing a heightened risk of data loss as virtual employment models become the norm, furloughs are extended and reduction-in-force actions continue.

The findings in this report highlight the lack of adoption and ineffectiveness of network and endpoint cybersecurity, employee monitoring and data loss prevention tools and suggest that organizations need to prioritize the human-element and workforce behavior in relation to data, process and machines as a pillar of their next-generation security and IT technology strategies.