Businesses are losing data to ex-employees

Businesses are losing data to ex-employees
Employees are clicking away sensitive data

According to a pan-European study conducted by information management company, Iron Mountain, employees have no qualms about taking highly-confidential or sensitive documents with them when they change jobs – with many of them believing they're not doing anything wrong.

The new study revealed that more than a half (51%) of European office workers who take information from their current employer when they switch jobs, opt for confidential customer or client databases despite data protection laws forbidding them to do so - although in the UK the numbers were slightly less with just 44% taking data.

Employees surveyed by Iron Mountain were found to leave armed with a range of information, including presentations (46%), company proposals (21%), strategic plans (18%) and product / service roadmaps (18%).

Iron Mountain's research suggests that employees do not usually take this out of malice, but because they feel they have a sense of ownership or believe it will be useful in their next role – with many unaware they are doing anything wrong. Two thirds said they had taken or would take information they had been involved in creating, and 72 per cent said they believed the information would be helpful in their new job.

While employees are more inclined to take data when they leave they're also prone to taking data while they're still employed, the study found almost one in three employees (32%) have taken or forwarded confidential information out of the office on more than one occasion.

Patrick Keddy, Senior Vice President at Iron Mountain recommends that businesses should up their exit procedures to avoid it happening to them, "Companies concerned about information security tend to focus on building a fortress around their digital data and then forget about the paper and the people."

Adding, "This study provides a fascinating insight into what people feel they have ownership of and why. The findings highlight the need for information management policies to be developed closely with Human Resources as part of a Corporate Information Responsibility programme. Firms of all sizes, across all business sectors, need to ensure that employee-exit procedures are robust and compassionate, and that guidelines recognise that how people feel directly influences their behaviour and actions."