Your Staplers Are Safe, Your Data Isn't

Jared Wade


October 1, 2010

IT professionals are always trying to keep hackers out, but many have long feared that the more insidious threat comes from within. A new survey from SailPoint confirms such worries. "There are more workers who are comfortable taking various forms of company data, such as customer contact information, than workers who would take a stapler," said Jackie Gilbert, co-founder and marketing vice president of SailPoint. In the United States, only 13% of employees would take small office supplies after they stop working for a company. But 29% would take customer data, 23% would take electronic files, and 15% would take product information, including designs and plans.

One way to increase IT security is to ensure that people only have access to the information they need. All too often, however, employees who do not need data to perform their daily job responsibilities, still have access to it.

And fortunately, the survey offers some good news on that front. When asked what they would do if they were inadvertently given access to a confidential file, more than a third of employees (36%) would not even look at it and instead alert a manager. Nearly half (45%) admitted that they would look at the file, which is troubling but expected given human nature. Less than 0.5% said they would actually attempt to sell the data.

Jared Wade is a freelance writer and a former editor of Risk Management.