As discussed by Mike Rosen on Foley Hoag’s Noncompete Blog here, and reported by the Washington Post and CNN, a recently released report by Symantec Corp. and the Ponemon Institute (which can be found here) revealed that 59% of ex-employees who leave their employment are stealing company information, and 67% of those who admitted to stealing company information also admitted that they used that information to leverage a new job.
As I posted back in early February, another recent report, this one from McAfee, concluded that the shrinking economy and growing ranks of unemployed were increasing incentives for insiders to steal confidential information. The Ponemon report seems to bear this out.
What’s troubling is that the Ponemon report found that only "15% of respondents’ companies review or perform an audit of the paper and/or electronic documents employees are taking. If they conduct a review, 45% say it was not complete and 29% say it was superficial." According to the McAfee report, however, 68% of the senior IT decision-makers surveyed cited insider threats as the top threat to essential information. Taking these two reports together, it appears that companies understand that their (and their customers’) confidential information is vulnerable to insider threats, yet they are not taking the necessary steps to secure that information from departing employees. In this current climate, where data breaches are expanding (both in terms of numbers and size), it is imperative for companies to adopt and implement comprehensive approaches to ensure the security of proprietary information accessible to a departing employee and to minimize the accessibility of such information.