Thriving data theft culture in the UK workforce

20 November 2006
Most organisations allocate significant budgets to IT security, putting in complex IT defences to protect from external threats yet managers are failing to address the thriving data theft culture of the UK workforce.

Independent research from Prefix IT reveals that lax management attitudes have allowed a culture of data theft to flourish in the British workplace. A picture of poor processes, policy creation and communication shows that management practices are badly out of step with today’s office morals; 60% of workers admit to theft of confidential documents, customer databases, business contacts and sales leads.

Data theft is endemic, yet only 7% of managers believe their companies have been affected by the issue and 29% of managers say the topic is not recognised at board level. This climbs to 50% in SMEs. Few employees are aware of security measures or company policies that prevent workplace theft and the majority of workers do not believe it is ‘wrong’ to steal from the office.

Graeme Pitts-Drake, CEO of Prefix IT, said: “Whilst trust in staff is laudable, it is professionally negligent not to protect company assets appropriately through policy and technical means. Failing to communicate with staff about un-acceptable activities is tantamount to endorsing theft.

Part 2 of the Prefix Security Report includes the responses of over 1,000 UK workers:
· 73% of workers are unaware of any special security measures to prevent workplace theft
· 44% of employees are unaware of policy explaining what can and cannot be taken home
· 63% say there are no restrictions on using personal portable devices eg USB memory sticks in the workplace
· 63% of workers believe employees ‘think nothing of taking things from the workplace’
· 30% of workers (37% of men) believe sales leads/business contacts are rightfully theirs

Those leaving a job are a particular threat, 65% consider taking data including sales leads. This figure rose to 72% amongst the 45-54 year age group and although lowest amongst employees of large SMEs (501- 1,000 employees) it was still 58%. Generally, 36% admitted they might download data to help in a new job.

By comparison, stationery theft was ‘small fry’ as only 25% said they would bother. Part 1 of the Prefix report revealed that the danger of data theft is compounded due to widespread ownership of personal storage devices (78% of the workforce), such as USB memory sticks or iPods. Pitts-Drake again: “In 10 seconds staff can download 10 mbs of data to a device that cost them £10, that’s the equivalent of 20,000 customer records. UK managers are living in dreamland if they think that theft doesn’t happen in their organisation, it’s a fact of business life today.”

Only 30% of managers said that guarding against data theft is a ‘key priority for the business’. In the SME sector this figure was markedly lower; 22% for small SMEs (51-250) and 28% for mid-sized SMEs (251-500).

Mid-sized SMEs (51-250 employees) have the biggest problem, as 36% of employees ‘have no issue’ with taking leads and database information. Graduate trainees pose the biggest threat; 55% believe there is no moral dilemma involved.

Over a quarter (27%) disagreed that ‘taking things from work was the same as stealing’. This response was strongest amongst 16-24 year olds (49%) and graduate trainees (41%). Supporting the theory that office theft is not only widespread but accepted practice, more than half (56%) of respondents agreed that ‘companies expect a certain amount of things to go walkabout’. The belief that office theft is accepted by employers was very strong amongst 25-34 year olds (63%) and those working in the capital (64%).

print versionPrint version | email this to a friendEmail to a friend | view other articles View other articles

Latest IT, computer and network security articles

 FireEye Closes $50 Million Funding Round

 Shield Guarding sets sights on major growth

 LogRhythm chosen by Maclay Murray & Spens LLP for comprehensive data security

 Comprehensive EndUser Protection to address BYOD challenge launched by Sophos

 Tyco- world’s largest pure-play fire protection and security solutions company acquires First City Care

 Arbor Networks Updates Industry-Leading Peakflow® SP Platform

 2013 Predictions countdown from Infosecurity Europe

 Toshiba Announces Advanced Encryption and Cryptographic-Erase for New Enterprise SSD and Mobile HDD Models

 Venafi says latest TURKTRUST CA attack is a rerun of the infamous DigiNotar incident of 2011

 Business Impact of 2013 IT Trends examined by ISACA

...[view more IT, computer and network security articles]...

 

Security websites for specific products:

Security websites for specific markets:

IT Security links


directory of IT, computer and network security suppliers
Search directory Register your company
IT, computer and network security books:

SEARCH NEWS
DIRECTORY
Google