Half of IT professionals admit to maintaining access to their employer's network after leaving the company.
A study from Protected Networks found that three quarters of the 49 percent who retained access used their permissions to access their former employer's network, some on multiple occasions. The research evaluated 100 IT decision makers from the UK in organisations with 1,000+ employees.
Nearly two thirds (65 percent) of those with access retained that access at a ‘user' level. Meanwhile, 22 percent maintained access at the ‘administrator' level giving them control to network resources for themselves and others.
Most IT respondents (83 percent) agreed that network access rights should be easier to manage and better monitored (80 percent) and 76 percent said that network access rights should be given a higher priority and attention.
Only 55 percent of employers took back any hardware provided to a departing employee for access such as a laptop, phone or VPN. More alarmingly, only 35 percent of employers ensured any software that permitted access on devices used by a departing employee was removed or uninstalled.
“The findings reveal an astonishingly liberal attitude of UK businesses to managing access to data on the corporate network, particularly if we bear in mind that this may potentially include granting access to valuable data like intellectual property, credit card data or sensitive private data about employees or clients,” said Keith Maskell, country manager at Protected Networks.
“The main reasons for this common failure are the very significant time, cost and resources required to manage complex access permissions structures. This is a massive oversight that security professionals need to address by adopting a modern access rights management solution.”