Every month, hundreds of thousands of Americans leave their jobs. And they’re bringing their IT access with them—from passwords to the corporate Twitter account to confidential files stored in personal Dropbox accounts.
The 2014 Intermedia SMB Rogue Access Study quantifies the scope of the “Rogue Access” problem. And it presents a wake–up call for every business in the country.
The findings include:
“Most small businesses think ‘IT security’ applies only to big businesses battling foreign hackers,” says Michael Gold, President of Intermedia. “This report should shock smaller businesses into realizing that they need to protect their leads databases, financial information and social reputation from human error as well as from malicious activity.”
These risks have both technical and procedural causes. In fact, one of the weakest points identified in the report is the lack of formal “IT offboarding” procedures: 60% of respondents said they were not asked for their cloud logins when they left their companies.
Disgruntled ex-employees could steal money from PayPal, falsify financial details in Quickbooks, or post inappropriately on company social media. Well-intentioned ex-employees might purge important files from their personal cloud storage. And there are legal risks as well, such as the inability to complete eDiscovery or the failure to comply with regulatory obligations to protect sensitive data.
“I’ve heard a lot of stories about sales people who export customer lists or users who wipe all their data,” says Felix Yanko, president of Pittsburgh–based ServNet Tech, an IT consultant and Intermedia partner. “For a small business particularly, ‘Rogue Access’ creates a huge risk: if something happens that affects their clients and they get sued, they usually go out of business.”
To help businesses regain control over access to their IT apps, Intermedia’s report presents three solutions:
“People want to work at home. They want files available when they’re traveling. But when a company puts this functionality into place in an organic, uncoordinated way, there are real risks they may not have considered,” says Michael Osterman, President of Osterman Research. “This report provides direction for these companies to regain control over their cloud.”