Job Cuts Leaving IT Systems Open to Attack
Matt Hines writes on the eWeek "Security Watch" Blog:
A security team's biggest fear is an attack carried out by a knowledgeable insider, and with the economy driving job cuts within many organizations, those worries are being realized in the form of discharged workers who retain access to their former employers' IT systems, according to a new survey.More here.
With jobs walking out the door, along with larger numbers of remote workers, many organizations have yet to account for tightening their defenses to address the ongoing trends, claims the report, published by security and password management specialists Cloakware.
Based on a survey of over 12,500 U.S. IT security workers, the report claims that among those organizations represented in the research, a minimum of 1,312,500 laid-off or fired employees retain access to company systems in total.
Overall, the report contends that roughly 14 percent of all recently discharged workers still have access to proprietary data and organizational information, "revealing critical deficiencies of corporate security policies," Cloakware said. At least 21 percent of respondents admitted that they hadn't changed employees' passwords after they were terminated.
In other efforts to save money by moving more staffers out of the office, while some 90 percent of companies that responded said they employ remote workers and 41 percent said they have increased their use of the model over the last year, most of the organizations said that they hadn't altered their authentication policies to account for the shift.