Minneapolis, MN — February 20, 2020 — /BackupReview.info/ — Code42, the leader in insider threat detection, investigation and response, released its 2020 Data Exposure Report on insider threat. The study found that cloud-based collaboration technologies and workforce turnover have become major drivers of data exfiltration as insider threat programs fail to keep pace with today’s digital workplace. Code42 surveyed nearly 5,000 knowledge workers at companies with more than 1,000 employees in the U.S., U.K. and Germany.

“When it comes to data loss, leak and theft, for too many companies, the inside is their blindside,” said Joe Payne, Code42’s president and CEO. “Insider threat programs are not keeping up with today’s collaborative work culture. People and data are on the move now more than ever. Workers are switching jobs, and company files are being uploaded to the web, emailed as attachments and synched to personal cloud accounts. Our new report is a wake-up call for security teams that have traditionally relied on prevention-based security strategies for blocking when the rest of their organization is busy sharing.”

Workers Opt for Unsanctioned Collaboration Tools to Share Company Files
Cloud-based collaboration tools have changed the workplace. As part of their regular work routines, employees are emailing, airdropping, messaging and slacking from desktops, mobile devices, on the road and in coffee shops. According to the report, workers routinely use both authorized and unauthorized cloud-based platforms to share files and ideas with colleagues. They sidestep sanctioned tools because they believe they are too complicated, restrictive and slow—or don’t have enough features.

The study found:

  • The leading corporate standards for file sharing and collaboration include email (34%), Microsoft Sharepoint (26%), Microsoft OneDrive (23%) and Google Drive (19%)
  • WhatsApp (34%), Google Drive (30%), Facebook (29%) and personal email (26%) are the most commonly-used unauthorized platforms for sharing files with colleagues
  • Thirty-seven percent (37%) of workers use unauthorized apps daily while 26% use them weekly to share files with colleagues

Collaboration Tools Rated Among Top Vectors for Data Exfiltration
While technology has made it easy for employees to share files legitimately via personal email and the cloud, it’s also made it easier for them to exfiltrate — or even infiltrate — data like product ideas, source code and customer lists. The risk of insider threat incidents is heightened because the very tools that workers use to collaborate are some of the most popular vectors for data exfiltration.

The study found:

  • More than one-third (36%) of workers believe that the increased emphasis on file sharing has made them more complacent about data security
  • Workers move data from one organization to another using email (38%), print hard copies (37%), external devices (35%), cloud collaboration platforms (31%) and browser uploads (26%)
  • Nearly three-fourths (73%) of employees report they have access to data they didn’t create; 69% can view data they didn’t contribute to; and 59% can see data from other departments

Insider Threat Programs Earn a Failing Mark as Workers Change Jobs
The simple act of changing jobs can tempt employees to take company data — and workers are changing jobs more frequently than ever. Security teams continue to grapple with how to effectively deal with data theft and misuse — whether accidental or intentional — when employees depart. As workers move from company to company, they admit that they have not only taken data with them, they have done it more than once. The consequences of this behavior are even more damaging to a business when workers take data from a former employer and go to work for a competitor. According to the research, both former and new employers do little to stop data theft by transitioning employees.

Key findings said:

  • 51% of the workers surveyed believe that the risk to corporate data when employees depart is bigger than organizations think
  • Two-thirds (63%) of respondents who said they have taken data are repeat offenders
  • Nearly nine out of ten (87%) of employees report that no one ever approached them from their former employer to verify that they hadn’t taken data
  • Three-fourths (75%) of respondents say that their new employer did not ask them if they had brought data from their previous employer
  • One-third (32%) of respondents who had infiltrated data were encouraged by their new employers to share it with new colleagues

“Without the ability to detect and investigate file movement both inside and outside company walls, insider threat programs are leaving data more vulnerable and security teams flying blind,” said Jadee Hanson, chief information security officer and vice president of information systems for Code42. “There’s a gap in the protection stack. Security teams need to reassess their solutions. This starts with an insider threat program that provides complete data visibility — from who has data access, to where data lives and moves.”

For more details, download a free copy of the 2020 Data Exposure Report here — https://www.code42.com/go/2020-data-exposure-report-g/

To learn more about how to detect, investigate and respond to insider threats, visit the Code42 website or the Code42 booth N-6079 at RSA 2020 — https://www.code42.com/go/rsac20/

About Code42
Code42, the global leader in cloud-based endpoint data security and recovery, protects more than 47,000 organizations worldwide. Code42 enables IT and security teams to centrally manage and protect critical data for some of the most recognized brands in business and education. From monitoring endpoint data movement and use, to meeting data privacy regulations, to simply and rapidly recovering from data incidents no matter the cause, Code42 is central to any organization’s data security strategy. Code42 is headquartered in Minneapolis, Minn., and backed by Accel Partners, JMI Equity, NEA and Split Rock Partners. For more information, visit www.code42.com

Contact:
Code42
Gerri Dyrek
844-333-4242
Vice President Corporate Marketing
gerri.dyrek@code42.com
www.code42.com

Source: Code 42

 

 

 

Related posts:

  1. Code42 Offers New Insider Risk Detection Capabilities to Help Security Teams Quickly Spot Data Theft When Employees Resign and Depart
  2. Code42 Next-Gen Data Loss Protection Solution Adds New Advanced Data Exfiltration Detection
  3. Code42 Next-Gen Data Loss Protection Solution Integrates with Box
  4. Code42 Wins Two Prestigious Cybersecurity Awards
  5. Code42’s New Data Loss Detection and Response Capabilities Spot Data Theft When Employees Quit
  6. Code42 to Focus Exclusively on its Rapidly Growing Business in the Enterprise and Small Business Markets
  7. Code42 2019 Global Data Exposure Report Finds 69% of Security Leaders Say Data Loss Prevention Cannot Stop Insider Threat
  8. Code42 Highlights Findings from its 2018 Data Exposure Report During Live Webinar
  9. The New Code42 Next-Gen Data Loss Protection Solution Delivers Policy-Free Insider Threat Detection
  10. Code42 Continues to Expand Insider Threat Detection Capabilities with New Integrations to Cloud-Based Email Platforms

Tags: , ,