Code42 Data Exposure Report: Collaborative Work Environments, Dynamic Workforce Exacerbate Insider Threat Problem

  • 36% of workers believe that the increased emphasis on file sharing has made them more complacent about data security
  • 51% of the workers surveyed believe that the risk to corporate data when employees depart is bigger than organizations think
  • Insider threat programs have failed to keep pace with today’s collaborative work cultures

MINNEAPOLIS--()--Code42, the leader in insider threat detection, investigation and response, released its 2020 Data Exposure Report on insider threat. The study found that cloud-based collaboration technologies and workforce turnover have become major drivers of data exfiltration as insider threat programs fail to keep pace with today’s digital workplace. Code42 surveyed nearly 5,000 knowledge workers at companies with more than 1,000 employees in the U.S., U.K. and Germany.

“When it comes to data loss, leak and theft, for too many companies, the inside is their blindside,” said Joe Payne, Code42’s president and CEO. “Insider threat programs are not keeping up with today’s collaborative work culture. People and data are on the move now more than ever. Workers are switching jobs, and company files are being uploaded to the web, emailed as attachments and synched to personal cloud accounts. Our new report is a wake-up call for security teams that have traditionally relied on prevention-based security strategies for blocking when the rest of their organization is busy sharing.”

Workers Opt for Unsanctioned Collaboration Tools to Share Company Files

Cloud-based collaboration tools have changed the workplace. As part of their regular work routines, employees are emailing, airdropping, messaging and slacking from desktops, mobile devices, on the road and in coffee shops. According to the report, workers routinely use both authorized and unauthorized cloud-based platforms to share files and ideas with colleagues. They sidestep sanctioned tools because they believe they are too complicated, restrictive and slow—or don’t have enough features.

The study found:

  • The leading corporate standards for file sharing and collaboration include email (34%), Microsoft SharePoint (26%), Microsoft OneDrive (23%) and Google Drive (19%)
  • WhatsApp (34%), Google Drive (30%), Facebook (29%) and personal email (26%) are the most commonly-used unauthorized platforms for sharing files with colleagues
  • Thirty-seven percent (37%) of workers use unauthorized apps daily while 26% use them weekly to share files with colleagues

Collaboration Tools Rated Among Top Vectors for Data Exfiltration

While technology has made it easy for employees to share files legitimately via personal email and the cloud, it’s also made it easier for them to exfiltrate — or even infiltrate — data like product ideas, source code and customer lists. The risk of insider threat incidents is heightened because the very tools that workers use to collaborate are some of the most popular vectors for data exfiltration.

The study found:

  • More than one-third (36%) of workers believe that the increased emphasis on file sharing has made them more complacent about data security
  • Workers move data from one organization to another using email (38%), print hard copies (37%), external devices (35%), cloud collaboration platforms (31%) and browser uploads (26%)
  • Nearly three-fourths (73%) of employees report they have access to data they didn’t create; 69% can view data they didn’t contribute to; and 59% can see data from other departments

Insider Threat Programs Earn a Failing Mark as Workers Change Jobs

The simple act of changing jobs can tempt employees to take company data — and workers are changing jobs more frequently than ever. Security teams continue to grapple with how to effectively deal with data theft and misuse — whether accidental or intentional — when employees depart. As workers move from company to company, they admit that they have not only taken data with them, they have done it more than once. The consequences of this behavior are even more damaging to a business when workers take data from a former employer and go to work for a competitor. According to the research, both former and new employers do little to stop data theft by transitioning employees.

Key findings said:

  • 51% of the workers surveyed believe that the risk to corporate data when employees depart is bigger than organizations think
  • Two-thirds (63%) of respondents who said they have taken data are repeat offenders
  • Nearly nine out of ten (87%) employees report that no one ever approached them from their former employer to verify that they hadn’t taken data
  • Three-fourths (75%) of respondents say that their new employer did not ask them if they had brought data from their previous employer
  • One-third (32%) of respondents who had infiltrated data were encouraged by their new employers to share it with new colleagues

“Without the ability to detect and investigate file movement both inside and outside company walls, insider threat programs are leaving data more vulnerable and security teams flying blind,” said Jadee Hanson, chief information security officer and vice president of information systems for Code42. “There’s a gap in the protection stack. Security teams need to reassess their solutions. This starts with an insider threat program that provides complete data visibility — from who has data access, to where data lives and moves.”

For more details, download a free copy of the 2020 Data Exposure Report here. To learn more about how to detect, investigate and respond to insider threats, visit the Code42 website or the Code42 booth N-6079 at RSA 2020.

Methodology

The research for this report was conducted by Sapio Research, an independent research consultancy based in the U.K. The survey was taken online in December 2019 by 4,505 knowledge workers from companies with 1,000+ employees in the U.S. (2,003), the U.K. (1,501) and Germany, Austria and Switzerland (1,001).

About Code42

Code42 is the leader in insider threat detection, investigation and response. Native to the cloud, Code42 rapidly detects data loss, leak, theft and sabotage as well as speeds incident response – all without lengthy deployments, complex policy management or blocking employee productivity. With Code42, security professionals can protect corporate data and reduce insider risk while fostering an open and collaborative culture for employees. Backed by security best practices and control requirements, Code42’s insider threat solution can be configured for GDPR, HIPAA, PCI and other regulatory frameworks.

More than 50,000 organizations worldwide, including the most recognized brands in business and education, rely on Code42 to safeguard their ideas. Founded in 2001, the company is headquartered in Minneapolis, Minnesota, and backed by Accel Partners, JMI Equity, NEA and Split Rock Partners. For more information, visit code42.com, read Code42’s blog or follow the company on Twitter.

©2020 Code42 Software, Inc. All rights reserved. Code42 and the Code42 logo are registered trademarks or trademarks of Code42 Software, Inc. in the United States and/or other countries. All other marks are properties of their respective owners.

Contacts

Gerri Dyrek
Vice President Corporate Marketing, Code42
gerri.dyrek@code42.com
844-333-4242

Release Summary

Code42 Data Exposure Report finds that insider threat programs fail to keep pace with today's digital workplace and data exfiltration challenges.

Contacts

Gerri Dyrek
Vice President Corporate Marketing, Code42
gerri.dyrek@code42.com
844-333-4242