Feeds

One third of workers open to bribes for data theft

Who wants to be a millionaire?

Providing a secure and efficient Helpdesk

A somewhat self-serving survey ahead of an information security trade show in London next week reveals a third of workers can potentially be bribed into handing over company data.

A poll of 600 workers at busy London railway stations found more than a third (37 per cent), admitted that they would hand over their organisation's most sensitive data for inducements ranging up to a million pounds. Respondents were asked what it would take to persuade them to download and hand over sensitive company information to a stranger, with suggested incentives ranging from a "slap up meal" to offers of over ten million pounds.

Such disloyalty wasn't easily purchased, with two-thirds of those with flexible ethics saying they'd only engage in a spot of industrial espionage for at least one million pounds, although 10 per cent would do it if their mortgage was paid off.

Around one in twenty of the sample would do it for modest inducements of a holiday, getting rid of credit card debt or a new job, respectively. One in 50 told researchers running the poll that they'd be willing to hand over their company’s crown jewels in exchange for a slap up meal.

When the requested information changed to credit card details or security codes, then employees became harder to bribe, with 80 per cent refusing to hand over the data at any price.

Workers quizzed had access to a range of information ranging from customer data bases (83per cent) to business plans (72 per cent), accounting systems (53 per cent), and IT admin passwords (37 per cent).

Two thirds (68 per cent) of employees reckon it would be easy to sneak data out of their organisation. One third felt less loyalty to the organisation they worked for against five per cent who felt more loyalty, compared to a year ago.

In previous years, Infosecurity surveys have concentrated on what little inducement workers need to hand over their passwords (biros, choccy bars, take your pick). This year around the show organisers have upped the ante, with a pitch calculated to push the message that in an uncertain economy, firms should be more wary of their workers.

The argument is that firms should install Data Leak Protection technology, undoubtedly music to the ears of Infosec's exhibitors.

It's conventional wisdom that corrupt insiders - rather than hackers - pose the greatest security threat, but a recent survey by Verizon Business, which looked at real incidents of data breaches, found the opposite. The Verizon survey is well worth thinking about before placing too much weight on what people are apt to say at train stations. ®

New hybrid storage solutions

More from The Register

next story
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
Reddit wipes clean leaked celeb nudie pics, tells users to zip it
Now we've had all THAT TRAFFIC, we 'deplore' this theft
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
TorrentLocker unpicked: Crypto coding shocker defeats extortionists
Lousy XOR opens door into which victims can shove a foot
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.