Beyond Identity launches cyber risk of staff study

In a recent study, phishing-resistant multi-factor authentication (MFA) provider Beyond Identity gathered responses from former employees across the United States, the United Kingdom, and Ireland and found a vast majority of employees (83%) admitted to maintaining continued access to accounts from a previous employer. The cybersecurity threat this poses is coupled with the fact that more than half of these employees (56%) said they had used this continued digital access with the specific intent of harming their former employer. 

Ongoing access to sensitive information paired with frequently malicious intent spelled disaster for these former employers. When the survey turned to focus specifically on responses from managers and business leaders, 74% admitted their company had been negatively impacted by a former employee breaching their cybersecurity. 

The most common hacks and infractions included logging into corporate social media (36%), looking through company emails (32%), and taking company files and documents (31%). More than one in four former employees even went so far as to log in to the back end of the company’s website. 

Results were gathered from currently employed persons, all of whom had previously left a single position. Their locations varied, as did their industries, levels of employment, and genders. However, in spite of this variance, responses were alarmingly similar and revealed a risk to employers globally.

According to the survey, a professional, detailed offboarding process could accomplish two important things: prevent unauthorised access by former employees by eliminating their passwords and other insecure authentication methods, and simultaneously generate goodwill, thereby lessening the motivation to harm a former employer. The study also revealed that the United States was much more likely to execute such an effective offboarding process, compared with companies based in the United Kingdom or Ireland.

A Beyond Identity spokesman said: "The results of this study were ultimately quite shocking, with many respondents freely admitting to using their former company’s cybersecurity weaknesses to cause intentional harm. Leaders appear acutely aware of the issue and yet unsure of exactly how to improve security or practice effective offboarding procedures. It’s safe to say that relatively little is safe at headquarters in this era of mass employee departures.

"The best way to maintain security during these tumultuous times is to leave it to the professionals. According to the survey, a professional, detailed offboarding process could accomplish two important things: prevent unauthorised access by former employees by eliminating their passwords and other insecure authentication methods, and simultaneously generate goodwill, thereby lessening the motivation to harm a former employer. The study also revealed that the United States was much more likely to execute such an effective offboarding process, compared with companies based in the United Kingdom or Ireland."

To read Beyond Identity’s full findings and to hear steps on how to implement effective offboarding processes that protect your company’s assets, please visit the survey.