Code42 released its 2020 Data Exposure Report on
insider threat. The study found that cloud-based collaboration
technologies and workforce turnover have become major drivers of data
exfiltration as insider threat programs
fail to keep pace with today's digital workplace. Code42 surveyed
nearly 5,000 knowledge workers at companies with more than 1,000
employees in the U.S., U.K. and Germany.
"When
it comes to data loss, leak and theft, for too many companies, the
inside is their blindside," said Joe Payne, Code42's president and CEO.
"Insider threat programs are not keeping up with today's collaborative
work culture. People and data are on the move now more than ever.
Workers are switching jobs, and company files are being uploaded to the
web, emailed as attachments and synched to personal cloud accounts. Our
new report is a wake-up call for security teams that have traditionally
relied on prevention-based security strategies for blocking when the
rest of their organization is busy sharing."
Workers Opt for Unsanctioned Collaboration Tools to Share Company Files
Cloud-based
collaboration tools have changed the workplace. As part of their
regular work routines, employees are emailing, airdropping, messaging
and slacking from desktops, mobile devices, on the road and in coffee
shops. According to the report, workers routinely use both authorized
and unauthorized cloud-based platforms to share files and ideas with
colleagues. They sidestep sanctioned tools because they believe they are
too complicated, restrictive and slow-or don't have enough features.
The study found:
- The
leading corporate standards for file sharing and collaboration include
email (34%), Microsoft SharePoint (26%), Microsoft OneDrive (23%) and
Google Drive (19%)
- WhatsApp
(34%), Google Drive (30%), Facebook (29%) and personal email (26%) are
the most commonly-used unauthorized platforms for sharing files with
colleagues
- Thirty-seven percent (37%) of workers use unauthorized apps daily while 26% use them weekly to share files with colleagues
Collaboration Tools Rated Among Top Vectors for Data Exfiltration
While
technology has made it easy for employees to share files legitimately
via personal email and the cloud, it's also made it easier for them to
exfiltrate - or even infiltrate - data like product ideas, source code
and customer lists. The risk of insider threat incidents is heightened
because the very tools that workers use to collaborate are some of the
most popular vectors for data exfiltration.
The study found:
- More
than one-third (36%) of workers believe that the increased emphasis on
file sharing has made them more complacent about data security
- Workers
move data from one organization to another using email (38%), print
hard copies (37%), external devices (35%), cloud collaboration platforms
(31%) and browser uploads (26%)
- Nearly
three-fourths (73%) of employees report they have access to data they
didn't create; 69% can view data they didn't contribute to; and 59% can
see data from other departments
Insider Threat Programs Earn a Failing Mark as Workers Change Jobs
The simple act of changing jobs can tempt employees to take company data - and workers are changing jobs more frequently than ever.
Security teams continue to grapple with how to effectively deal with
data theft and misuse - whether accidental or intentional - when
employees depart. As workers move from company to company, they admit
that they have not only taken data with them, they have done it more
than once. The consequences of this behavior are even more damaging to a
business when workers take data from a former employer and go to work
for a competitor. According to the research, both former and new
employers do little to stop data theft by transitioning employees.
Key findings said:
- 51% of the workers surveyed believe that the risk to corporate data when employees depart is bigger than organizations think
- Two-thirds (63%) of respondents who said they have taken data are repeat offenders
- Nearly
nine out of ten (87%) employees report that no one ever approached them
from their former employer to verify that they hadn't taken data
- Three-fourths
(75%) of respondents say that their new employer did not ask them if
they had brought data from their previous employer
- One-third (32%) of respondents who had infiltrated data were encouraged by their new employers to share it with new colleagues
"Without
the ability to detect and investigate file movement both inside and
outside company walls, insider threat programs are leaving data more
vulnerable and security teams flying blind," said Jadee Hanson, chief
information security officer and vice president of information systems
for Code42. "There's a gap in the protection stack. Security teams need
to reassess their solutions. This starts with an insider threat program
that provides complete data visibility - from who has data access, to
where data lives and moves."
For more details, download a free copy of the 2020 Data Exposure Report here.