Why SMEs can’t forget about past employees
Three quarters of businesses could be subjected to security breaches from past employees, as they lack sufficient protection to guard against cyber threats.
That is according to IS Decisions, which discovered that only 24% of companies have a strict process in pace to ensure that former employees cannot access sensitive information when they leave a role.
This major security oversight could potentially put companies at risk as an unhappy former member of staff could potentially disrupt business operations.
In severe instances this could lead to a loss of business, legal issues or even financial complications if problems are expensive to put right.
Should these issues threaten the longevity of the company, seeking advice from an insolvency practitioner is recommended as solutions may be available to rectify the situation.
The research agrees with a study from the employees’ perspective from 2014 that revealed a third of former employees were still able to access systems after leaving a job.
Nearly one in ten people also said they regularly access old systems once they have left, although the reasons for doing so were not disclosed.
Overlooking former employees can be very easy for business owners and bosses who are focused on other aspects such as driving sales, marketing and financial management.
However, an employee with access to sensitive information could be just as dangerous to a business as any hacker were they to have a motive for causing damage or disruption.
Systems often miss out on these types of log-in too as the details that are entered often match up with security information that would have existed when an employee was still in work.
This opens up the possibility that threats could go undetected for large periods of time, placing firms at risk.
Constantly changing details on computer systems is one way of managing such threats, as it ensures that past log-in details should not be accepted.
Technological firms are most likely to be those at risk, and could face huge financial losses in instances where sensitive data is lost or made available to the wrong people.
This could result in fines for failing to protect information and could damage a brand or service in the process, leading to reduced sales and financial hardship.
By Phil Smith