Many employees have “too much access” to company information


nsider threats and disgruntled employees remain one of the biggest risks for organisations according to a new report by CyberArk.

Based on a poll of more than 1,000 UK office workers, the report says that almost half of them have, or have had, access to sensitive financial documents. Roughly the same percentage has had access to HR data, and nearly a third direct access to bank accounts – yet many companies are still failing  to lock down business critical data.

CyberArk calls these figures ‘alarming’, as employees with too much access pose a ‘heightened insider threat’.

But it’s not just current employees. Former employees, also known as ghost employees, also pose a significant threat. Ghost employees are those that leave the company, but their accounts and credentials remain active (for example, an active email address from an employee that no longer works). Not only does this open the doors for disgruntled former employees wreaking havoc, but also allows hackers easier access to the target company.

Read more…