The curse of the ex-employee

Despite businesses of all sizes becoming increasingly security conscious, a new study from OneLogin, the identity management provider bringing speed and
integrity to the modern enterprise, reveals many businesses aren’t doing enough to guard against security threats brought on by ex-employees.

The research is based on the results of a quantitative survey completed by 500 U.S.-based IT decision makers. Each of the respondents serves in a corporate IT department where they have some-level of responsibility over the company’s IT security.

All of the companies represented provision and de-provision employee logins in-house. Quotas were applied to gender, the age of respondent and the region in which they reside to ensure that the sample was nationally representative.

>See also: Cyber security is a ‘people problem’

According to 20% of the respondents, failure to de-provision employees from corporate applications has contributed to a data breach at their organisation. The research found that
nearly half (48%) of respondents are aware of former employees who still have access to corporate applications, with 50 percent of IT decision-makers ex-employee’s accounts
remaining active once they have left the company for longer than a day.

A quarter (25 %) of respondents take more than a week to de-provision a former employee and a quarter don’t know how long accounts remain active once the employee has left
the company.

The study found that close to half (44%) of respondents lack confidence that former employees have been removed from corporate networks at all. This points to an increasing
need for companies to use a security information and event management (SIEM) system, of which nearly half (41%) aren’t currently using.

A SIEM solution can help monitor employee app. usage to detect threats to the corporate network. Integrating a SIEM solution with the company’s identity and access management system can help enforce login policies across their entire application portfolio to provide businesses another layer of security.

>See also: 10 cyber security trends to look out for in 2017

“The bottom-line is that companies aren’t following very basic but essential security measures around employee provisioning and deprovisioning,” said Alvaro Hoyos, chief information security officer, OneLogin.

“This should be a cause for concern among business leaders, especially considering how many data breaches are caused by ex-employees.”

“That said, at least now we’re at a point where we are acknowledging there is a problem,” added Hoyos. “The next step is going to be for IT decision-makers to be proactive about addressing this issue. Modern enterprises need technology that can automate the provisioning processes to help companies become more secure, productive, and efficient.”


The UK’s largest conference for tech leadershipTech Leaders Summit, returns on 14 September with 40+ top execs signed up to speak about the challenges and opportunities surrounding the most disruptive innovations facing the enterprise today. Secure your place at this prestigious summit by registering here

Avatar photo

Nick Ismail

Nick Ismail is a former editor for Information Age (from 2018 to 2022) before moving on to become Global Head of Brand Journalism at HCLTech. He has a particular interest in smart technologies, AI and...

Related Topics

IT Security