The firm surveyed more than 600 IT decision-makers in the UK and found respondents were aware that over half (58%) of former employees are still able to access corporate networks even after they’ve left a company.
This is particularly concerning when you consider that OneLogin also discovered that almost a quarter (24%) of UK companies have suffered data breaches by former members of staff.
The study highlighted flaws in the security processes implemented by organizations when an employee leaves too. Almost all (92%) of those polled admitted to spending up to an hour on manually deprovisioning past workers from every corporate application. Whilst 50% were not using automated deprovisioning technology to ensure an employee’s access to corporate applications stops the moment they leave the business – this could explain why over a quarter of ex-employee’s corporate accounts remain active for a month or more.
“Our study suggests that many businesses are burying their heads in the sand when it comes to this basic, but significant, threat to valuable data, revenue and brand image,” said Alvaro Hoyos, chief information security officer at OneLogin. “With this in mind, businesses should proactively seek to close any open doors that could provide rogue ex-employees with opportunities to access and exploit corporate data.”