Unethical or malicious staff in the smaller firms could abuse Shadow IT and data access privileges, especially when planning to exit

According to research by the London School of Economics and Political Science, employee well-being is linked to productivity, performance talent retention.

Now, one cybersecurity firm has surveyed 1,300 small- and medium-sized enterprises (SMEs) in its user ecosystem and unearthed another aspect of employee well-being that may need further attention.

The data showed that almost half of respondents could not confidently claim that their ex-employees did not have access to their corporate digital assets, implying that undesirable factors in employee-employer relationships may increase cyber risks.

Disgruntled employees (or simply those with poor ethical and moral values) may misuse data, redirect company resources to drum up business for themselves, or take data with them to their next employer when they leave.

    • 63% of SME respondents indicated they worried that former employees will share the company’s internal data with new employers
    • 60% worried that unhappy or immoral employees could steal client databases to launch their own business
    • 31% of respondents indicated that cost cutting measures in the case of a corporate or global crisis could include reductions in employment. Other possible cost-cutting measures included cuts in advertising and promotion spending (36%) and vehicles (34%). Cybersecurity was not an area where business leaders would prefer to cut funds off of

According to the firm’s Head of Information Security, Alexey Vovk, unauthorized access by ex-employees or malicious employees can become a huge problem for any business in terms of losing competitive advantage or worse consequences. He said: “This problem becomes more complicated when employees actively use non-corporate or ‘shadow IT’ services that are not deployed or controlled by corporate IT departments. If the usage of these services is not managed after an employee is dismissed, there is little chance that access to information shared via these applications will be shut off for a former worker.”