Feeds

One third of workers open to bribes for data theft

Who wants to be a millionaire?

Secure remote control for conventional and virtual desktops

A somewhat self-serving survey ahead of an information security trade show in London next week reveals a third of workers can potentially be bribed into handing over company data.

A poll of 600 workers at busy London railway stations found more than a third (37 per cent), admitted that they would hand over their organisation's most sensitive data for inducements ranging up to a million pounds. Respondents were asked what it would take to persuade them to download and hand over sensitive company information to a stranger, with suggested incentives ranging from a "slap up meal" to offers of over ten million pounds.

Such disloyalty wasn't easily purchased, with two-thirds of those with flexible ethics saying they'd only engage in a spot of industrial espionage for at least one million pounds, although 10 per cent would do it if their mortgage was paid off.

Around one in twenty of the sample would do it for modest inducements of a holiday, getting rid of credit card debt or a new job, respectively. One in 50 told researchers running the poll that they'd be willing to hand over their company’s crown jewels in exchange for a slap up meal.

When the requested information changed to credit card details or security codes, then employees became harder to bribe, with 80 per cent refusing to hand over the data at any price.

Workers quizzed had access to a range of information ranging from customer data bases (83per cent) to business plans (72 per cent), accounting systems (53 per cent), and IT admin passwords (37 per cent).

Two thirds (68 per cent) of employees reckon it would be easy to sneak data out of their organisation. One third felt less loyalty to the organisation they worked for against five per cent who felt more loyalty, compared to a year ago.

In previous years, Infosecurity surveys have concentrated on what little inducement workers need to hand over their passwords (biros, choccy bars, take your pick). This year around the show organisers have upped the ante, with a pitch calculated to push the message that in an uncertain economy, firms should be more wary of their workers.

The argument is that firms should install Data Leak Protection technology, undoubtedly music to the ears of Infosec's exhibitors.

It's conventional wisdom that corrupt insiders - rather than hackers - pose the greatest security threat, but a recent survey by Verizon Business, which looked at real incidents of data breaches, found the opposite. The Verizon survey is well worth thinking about before placing too much weight on what people are apt to say at train stations. ®

Beginner's guide to SSL certificates

More from The Register

next story
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.