SYS-CON MEDIA Authors: Pat Romanski, Nikita Ivanov, Yeshim Deniz, Elizabeth White, Sean Houghton

News Feed Item

The ex-employee menace: 89 per cent retain access to Salesforce, QuickBooks & other sensitive corporate apps

-- Intermedia's 2014 SMB Rogue Access Study explores the security threat posed by former employees.

READING, England, Aug. 13, 2014 /PRNewswire/ -- What do you take with you when you leave your job? According to a new report from Intermedia, the world's largest one-stop shop for essential IT apps for SMBs, the answer probably includes IT access—such as passwords to the corporate Twitter or Salesforce account, or confidential files stored in personal Dropbox accounts.

To view the multimedia assets associated with this release, please click http://www.multivu.com/players/English/7281751-intermedia-s-2014-smb-rogue-access-study-security-threat-posted-by-former-employees/

This data comes from the 2014 Intermedia SMB Rogue Access Study, which was released today. Based on a survey of knowledge workers performed by Osterman Research, this study quantifies the staggering scope of the "Rogue Access" problem. And it presents a wake-up call for every business in the country.

Read the Rogue Access report at http://www.intermedia.co.uk/Reports/RogueAccess?utm_source=PR&utm_medium=Newswire&utm_content=Report&utm_campaign=SSAppID. Findings from the report include:

  • 89% of those surveyed retained access to Salesforce, PayPal, email, SharePoint or other sensitive corporate apps
  • 45% retained access to "confidential" or "highly confidential" data
  • 49% actually logged into ex-employer accounts after leaving the company
  • 68% admitted to storing work files in personal cloud storage services

"Most small businesses think 'IT security' applies only to big businesses battling foreign hackers," says Michael Gold, President of Intermedia. "This report should shock smaller businesses into realising that they need to protect their leads databases, financial information and social reputation from human error as well as from malicious activity."

These risks have both technical and procedural causes. In fact, one of the weakest points identified in the report is the lack of formal "IT offboarding" procedures: 60% of respondents said they were NOT asked for their cloud logins when they left their companies.

From lost data to compliance failures: the wide-ranging risks of Rogue Access

The risks of Rogue Access are endless. Disgruntled ex-employees could steal money from PayPal, falsify financial details in Quickbooks, or post inappropriately on company social media. Well-intentioned ex-employees might purge important files from their personal cloud storage.  And there are legal risks as well, such as the inability to complete eDiscovery or the failure to comply with regulatory obligations to protect sensitive data.

"I've heard a lot of stories about salespeople who export customer lists or users who wipe all their data," says Felix Yanko, president ServNet Tech, an IT consultant and Intermedia partner. "For a small business particularly, 'Rogue Access' creates a huge risk: if something happens that affects their clients and they get sued, they usually go out of business."

Three solutions to the Rogue Access challenge

To help businesses regain control over access to their IT apps, Intermedia's report presents three solutions:

  • Organisations should implement strict access and user lifecycle management policies, including a stringent IT offboarding checklist. Intermedia has developed a collection of best practices as well as an IT offboarding checklist, and made them free to download.
  • Companies should offer business-grade cloud storage that's as easy to use as consumer-grade services. This makes it less likely that employees will use personal services that lack high levels of IT control and protection.
  • Companies should provide users with single sign-on portals. SSO portals are a fast-trending IT tool for a reason: they give users a single point of entry into the cloud, which makes it much easier for IT to manage and track access.

"People want to work at home. They want files available when they're travelling. But when a company puts this functionality into place in an organic, uncoordinated way, there are real risks they may not have considered," says Michael Osterman, President of Osterman Research. "This report provides direction for these companies to regain control over their cloud."

For more information— including a downloadable list of IT access best practices and an IT offboarding checklist—read Intermedia's Rogue Access report at http://www.intermedia.co.uk/Reports/RogueAccess?utm_source=PR&utm_medium=Newswire&utm_content=Report&utm_campaign=SSAppID. You can also follow @intermedia_UK on Twitter or participate in the conversation at #StopRogueAccess.

About Intermedia

Intermedia is the world's largest one-stop shop for cloud business applications. Its Office in the Cloud™ suite integrates all of the essential IT services that organisations need to do business, including email, file share and collaboration, single sign-on, security, mobility, archiving and more. Office in the Cloud goes beyond unified communications to encompass the widest breadth of fundamental IT services delivered by any single provider.

Think of it as a "Business Cloud Platform." All of Intermedia's services are integrated into its HostPilot® Control Panel. There's just one login, one password, one bill and one source of support, which creates tremendous cross-service efficiencies for both users and IT administrators. And all its services offer enterprise-grade security, 99.999% availability and 24/7 phone support with hold times of less than 60 seconds.

Intermedia has 60,000 customers, over 1,000,000 paying users, and 5,000 active partners—including VARs, MSPs, telcos and cable companies. Its industry leading Partner Programme lets partners sell under their own brand with full control over billing, pricing and every other element of their customer relationships. Intermedia is the world's largest independent provider of hosted Exchange.

Intermedia has 600 employees in three countries who manage ten data centres to power its Office in the Cloud—and who work relentlessly to assure customers and partners of a Worry-free Experience™. Learn more at www.Intermedia.co.uk.

Contact
Denis Davies/Andy Lloyd-Williams, +44 0118 909 0909, [email protected]

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
An entirely new security model is needed for the Internet of Things, or is it? Can we save some old and tested controls for this new and different environment? In his session at @ThingsExpo, New York's at the Javits Center, Davi Ottenheimer, EMC Senior Director of Trust, reviewed hands-on lessons with IoT devices and reveal a new risk balance you might not expect. Davi Ottenheimer, EMC Senior Director of Trust, has more than nineteen years' experience managing global security operations and asse...
"Matrix is an ambitious open standard and implementation that's set up to break down the fragmentation problems that exist in IP messaging and VoIP communication," explained John Woolf, Technical Evangelist at Matrix, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
We are reaching the end of the beginning with WebRTC, and real systems using this technology have begun to appear. One challenge that faces every WebRTC deployment (in some form or another) is identity management. For example, if you have an existing service – possibly built on a variety of different PaaS/SaaS offerings – and you want to add real-time communications you are faced with a challenge relating to user management, authentication, authorization, and validation. Service providers will w...
DevOps is all about agility. However, you don't want to be on a high-speed bus to nowhere. The right DevOps approach controls velocity with a tight feedback loop that not only consists of operational data but also incorporates business context. With a business context in the decision making, the right business priorities are incorporated, which results in a higher value creation. In his session at DevOps Summit, Todd Rader, Solutions Architect at AppDynamics, discussed key monitoring techniques...
The 3rd International @ThingsExpo, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that it is now accepting Keynote Proposals. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devices - computers, smartphones, tablets, and sensors - connected to th...
SYS-CON Media announced that Centrify, a provider of unified identity management across cloud, mobile and data center environments that delivers single sign-on (SSO) for users and a simplified identity infrastructure for IT, has launched an ad campaign on Cloud Computing Journal. The ads focus on security: how an organization can successfully control privilege for all of the organization’s identities to mitigate identity-related risk without slowing down the business, and how Centrify provides ...
The Internet of Things will greatly expand the opportunities for data collection and new business models driven off of that data. In her session at @ThingsExpo, Esmeralda Swartz, CMO of MetraTech, discussed how for this to be effective you not only need to have infrastructure and operational models capable of utilizing this new phenomenon, but increasingly service providers will need to convince a skeptical public to participate. Get ready to show them the money!
The 3rd International Internet of @ThingsExpo, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that its Call for Papers is now open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than 20 years ago.
The term culture has had a polarizing effect among DevOps supporters. Some propose that culture change is critical for success with DevOps, but are remiss to define culture. Some talk about a DevOps culture but then reference activities that could lead to culture change and there are those that talk about culture change as a set of behaviors that need to be adopted by those in IT. There is no question that businesses successful in adopting a DevOps mindset have seen departmental culture change, ...
In her General Session at 15th Cloud Expo, Anne Plese, Senior Consultant, Cloud Product Marketing, at Verizon Enterprise, focused on finding the right mix of renting vs. buying Oracle capacity to scale to meet business demands, and offer validated Oracle database TCO models for Oracle development and testing environments. Anne Plese is a marketing and technology enthusiast/realist with over 19+ years in high tech. At Verizon Enterprise, she focuses on driving growth for the Verizon Cloud platfo...
"There is a natural synchronization between the business models, the IoT is there to support ,” explained Brendan O'Brien, Co-founder and Chief Architect of Aria Systems, in this SYS-CON.tv interview at the 15th International Cloud Expo®, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
SYS-CON Events announced today that Gridstore™, the leader in hyper-converged infrastructure purpose-built to optimize Microsoft workloads, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Gridstore™ is the leader in hyper-converged infrastructure purpose-built for Microsoft workloads and designed to accelerate applications in virtualized environments. Gridstore’s hyper-converged infrastructure is the ...
This builds on Puppet Labs' first class Windows support, including native .MSI packages for x32 and x64 operating systems, modules to extend common Windows server management tools, including Powershell, and integrations with Microsoft Azure and Visual Studio. By automating common Windows administration tasks, Puppet Labs is enabling users to adopt DevOps practices, thereby reducing the time needed to deploy applications from weeks to hours.
DevOps Summit 2015 New York, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that it is now accepting Keynote Proposals. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete...
WebRTC defines no default signaling protocol, causing fragmentation between WebRTC silos. SIP and XMPP provide possibilities, but come with considerable complexity and are not designed for use in a web environment. In his session at @ThingsExpo, Matthew Hodgson, technical co-founder of the Matrix.org, discussed how Matrix is a new non-profit Open Source Project that defines both a new HTTP-based standard for VoIP & IM signaling and provides reference implementations.