How well do organizations guard against potential attack from people who just left the company?
If you provide security services, that could be an important issue to bring up with them – whether they’re clients or not.
Businesses devote plenty of attention – and budget – to guarding against cyberattacks from entities and people they don’t know, but many aren’t doing enough to protect their technology infrastructures from security threats brought on by ex-employees, who would find it easier to infiltrate if they’re not properly de-provisioned from corporate applications, according to identity management provider OneLogin.
In a survey of 500 U.S.-based technology decision makers, San Francisco-based OneLogin found that one in every five said their failure to de-provision former employees from corporate applications has contributed to data breaches in their organizations.
“Companies aren’t following very basic but essential security measures around employee provisioning and deprovisioning,” Alvaro Hoyos, chief information security officer at OneLogin, said in a statement. “This should be a cause for concern among business leaders, especially considering how many data breaches are caused by ex-employees.”
Click through to read key findings from the survey, with commentary from solution providers.