Study Finds Many Employees Worldwide Would Gladly Sell Their Work Passwords For Money
Companies are increasingly focusing on security in today's connected world, but may hit a wall if greedy employees choose treason.
As it turns out, one in five employees would have no trouble selling their work passwords for the right sum, and it doesn't even have to be a large amount of money.
Security firm SailPoint conducted a study in this regards and found that as many as 44 percent of employees who said they would sell their credentials would agree to do it for less than $1,000.
For the 2016 SailPoint Market Pulse Survey, independent research firm Vanson Bourne interviewed 1,000 office workers at various private organizations worldwide, which had at least 1,000 employees in France, Australia, Germany, the UK, the United States and the Netherlands.
Among the key findings, the study revealed that a staggering 65 percent of respondents used a single password for all applications, and one-third of employees shared their passwords with co-workers. More alarmingly, one in five would sell their passwords to outsiders.
If last year one in seven employees would willingly compromise their work credentials, things got even worse.
"This year, we found that 1 in 5 respondents would sell their passwords to a third-party organization and a staggering 44% of them would do it for less than $1,000," SailPoint notes in its report. "Even more concerning? Some would sell their corporate credentials for less than $100."
At the same time, companies could also do a better job in securing their data after parting with employees. According to the survey, more than 40 percent of respondents said they still had access to various corporate accounts even after leaving the company.
"If the most recent data breaches have shown us anything, it's that no company is safe from attacks, and the method by which information is taken is slowly changing," further says SailPoint. "The commonality across almost every breach is hackers are now targeting the weakest link in the security infrastructure: people."
The company points out that individual users' digital identities are they key to unlocking corporate applications and data. Keeping data safe is ever-challenging, but companies can't do it by themselves - employees must also protect their digital identities.
"Identity is everything. And sometimes, it's the only thing standing between an organization and the next significant data breach."