Half of employees think taking company IP when leaving their job is okay: survey

Half of employees who left or lost their jobs last year took confidential data with them when the departed, with 40% planning to use that data in their new job, findings from a new global survey suggest.

The report from the global survey, “What’s Yours Is Mine: How Employees are Putting Your Intellectual Property at Risk,” from tech security company Symantec Corp. suggests that many employees think it’s fine to take intellectual property with them when they leave a company.

That may be because company rules on the matter aren’t enforced.

Only 47% of those surveyed said their organization takes action when employees take sensitive information contrary to company policy, and 68% said their organization does not take steps to ensure employees do not use confidential competitive information from third-parties, the survey results suggest.

The survey was conducted by The Ponemon Institute in October 2012. The results are based on responses from 3,317 individuals in the United States, United Kingdom, France, Brazil, China and Korea.

“Companies cannot focus their defenses solely on external attackers and malicious insiders who plan to sell stolen IP for monetary gain,” Lawrence Bruhmuller, vice president of engineering and product management for Symantec commented in a statement on the survey findings.

“The everyday employee, who takes confidential corporate data without a second thought because he doesn’t understand it’s wrong, can be just as damaging to an organization,” he said. “Education alone won’t solve the problem of IP theft. Companies need data loss prevention technologies to monitor use of IP and flag employee behavior that puts confidential corporate data at risk. The time to protect your IP is before it walks out the door.”

Other survey highlights include:

• 62% said it is acceptable to transfer work documents to personal computers, tablets, smartphones or online file sharing applications. The majority never delete the data they’ve moved because they do not see any harm in keeping it.
• 56% of employees do not believe it is a crime to use a competitor’s trade secret information
• 44% of employees believe a software developer who develops source code for a company has some ownership in his or her work and inventions, and 42% do not think it’s a crime to reuse the source code, without permission, in projects for other companies.
• 38% of employees say their manager views data protection as a business priority, and 51% think it is acceptable to take corporate data because their company does not strictly enforce policies.

“When it comes to trade secret theft by mobile employees, an ounce of prevention is usually worth ten pounds of cure,” Dave Burtt, founder of Mobility Legal P.C. noted.

“We consistently see departing employees who don’t understand their obligation to keep trade secrets secret, but are just as often faced with companies whose own procedures are sorely lacking when it comes to protecting valuable IP,” he said.

“Before employees exit, dust off agreements they likely haven’t looked at in years, figure out all of the places the employee has stored sensitive company information and get it back, and ensure that employees understand their continuing obligations not to use or disclose company trade secrets.”