Half of ex employees retain access to former company networks

Nearly half of ex-employees retain access to their former companies’ networks after they leave, according to a report. Research from Protected Networks showed that 49 per cent of workers keep access despite leaving their firms, sometimes for many months after their last day at work.

Of these, three quarters say they have used their permissions to access their former employers’ networks, with some doing so on several occasions for up to a year.

The relaxed attitude of businesses is further illustrated by the fact that 57 per cent of those who noticed this activity still failed to remove access rights.

“The findings reveal an astonishingly liberal attitude of UK businesses to managing access to data on the corporate network, particularly if we bear in mind this may potentially include granting access to valuable data like intellectual property, credit card data or sensitive private data about employees or clients,” said Keith Maskell, country manager at Protected Networks.

“Perhaps in some cases companies do not consider that their ex-employees are a threat, or administration staff are too overloaded to make systems changes on time, but in fact this common failure to remove data access rights creates a serious security vulnerability that can be exploited later by hackers, if not by the ex-employees themselves.”

While 65 per cent of ex-employees with old accounts had user-level access, the survey showed that 22 per cent held administrator-level access rights.

Meanwhile, 83 per cent of IT workers think access rights should be easier to manage, 80 per cent think they should be better monitored and 76 per cent said they think they should be given a higher priority and more attention.