Back to Insights
Survey: Ex-employees Keep Access to Corporate Apps, Data at Half of U.S. Firms
July 17, 2017 | Account Provisioning
By Chris Gonsalves, IANS Director of Technology Research
Former employees at about half of U.S. companies still have access to corporate applications after they leave their jobs, according to new research. That lack of diligent deprovisioning contributed to data breaches at one in five organizations polled, the data shows.
The research report from password management vendor OneLogin also found that a quarter (25 percent) of enterprise IT decision makers say their company takes more than a week to deprovision a former employee. The same percentage say they don’t know how long accounts remain active once the employee has left the company.
The OneLogin results mirror responses to the IANS Technical Excellence Diagnostic, which surveys security procedures at some 4,000 enterprise organizations. On the question of deactivating invalid accounts, the assessment respondents averaged just 5.5 on a 10-point scale of capability and adherence to best practices.
“The bottom-line is that companies aren’t following very basic but essential security measures around employee provisioning and deprovisioning,” said Alvaro Hoyos, chief information security officer at OneLogin in San Francisco and a member of the Forbes Technology Council. “This should be a cause for concern among business leaders, especially considering how many data breaches are caused by ex-employees.”
OneLogin surveyed 500 U.S.-based IT decision makers with some-level of responsibility for the company’s IT security. All of the measured respondents handled provisioning and deprovisioning of employee accounts in-house.
According to the report, nearly half (44 percent) of respondents remain concerned that former employees may never be cut off from corporate networks. While use of robust security information and event management system to monitor unauthorized employee application use, more than 40 percent have no SIEM in place; only a minority of those have the SIEM integrated with their company’s identity and access management system to help enforce login policies and provide an added layer of security.
“We’re at a point where we are acknowledging there is a problem,” added Hoyos. “The next step is going to be for IT decision-makers to be proactive about addressing this issue.
“Modern enterprises need technology that can automate the provisioning processes to help companies become more secure, productive, and efficient,” Hoyos said.
Revoke Network Access Efficiently and Effectively
Help Developers Understand the Importance of Least Privilege
Implement a Strong Corporate Password Policy