April 13, 2009

More than one in eight employees can still access key company systems after they have been laid off, according to a survey just published by Cloakware, a Vienna, VA, provider of security software.

Financial services firms made up about 30 percent of the 12,500 respondents Cloakware polled last month (March, 2009), a spokeswoman told BS&T.

Telecommuting workers were a substantial factor in the data security risk, the survey revealed. With responsibility unclear, as remote access is often managed by multiple internal groups within a company, 21 percent of respondents admitted that they hadn't changed virtual employees' passwords after they were terminated.

In this era of mass layoffs, Cloakware extrapolates from its survey that at least 1.3 million employees still have access to company systems after they have left the organization. That's based on a continued access rate among 14 percent of respondents.

Gartner, the Stamford, Conn., research firm, noted in a February 2009 report that periods of financial hardship increase the risk of corporate fraud. In the report entitled, 'Best Practices in Information Security Before, During and After Employee Downsizing,' Gartner analysts Ant Allan, Jay Heiser and Roberta Witty noted: "The worldwide economic crisis, with its waves of employee downsizing is raising intense enterprise concern about the impact of these events on information security".

Cloakware president and COO David Canellos, commenting on its survey findings, said: "With companies facing dwindling margins, reducing overhead costs is driving a change in employee work arrangements, but it also reveals weak protection practices—a critical issue for long-term security".

ABOUT THE AUTHOR