5 January 2016
How quickly do you close dormant accounts? New research raises concerns for businesses leaving the door open
Commissioned by Ilex, the latest YouGov research uncovered the reality of orphan accounts and the security risks posed for British businesses. The survey found that 39 percent of large businesses took a few days to a month to close dormant accounts, raising serious concerns for British businesses. Taking time to close dormant accounts leaves businesses open to a cyberattack, either by a malicious ex-employee, contractor, partner or an opportunistic hacker.
The study also found that five percent waited up to a week, three percent within a fortnight and eight percent confessed to only removing access within a month after departure. Immediate termination on or before the day of departure is even worse for small and medium size businesses. These results are worrying, as disgruntled employees or partners are unlikely to wait until a month after leaving to access confidential company information.
Despite the fact that the cost of cybersecurity to the UK economy is expected to grow, the research found that only 11 percent of businesses surveyed expect a data security breach in 2016. Large businesses were the most wary, with 30 percent expecting a breach, compared to 24 percent of medium and only six percent of small businesses. With the number of new employees expected to increase over the coming months, hiding from the truth is not an option.
According to the Online Alliance Trust, almost one-third of data breaches in 2014 were caused either accidentally or maliciously by employees. Research published by the Sans Institute in April 2015 shows that while insider threats are a key concern for security professionals, 40 percent of businesses polled had no systems in place to address this concern, while 32 percent said they lacked appropriate policies and procedures to deal with insider threats.
You can find further details on of the account access and termination research findings here.
This follows on from Ilex International’s ‘Breach Confidence Index’ which uncovered the confidence levels of British businesses against a data security breach and reveals the primary reasons why businesses have suffered a breach.