Agile Computing Authors: Carmen Gonzalez, Liz McMillan, Frank Breuss, Jim Kaskade, Lori MacVittie

News Feed Item

Symantec Study Shows Employees Steal Corporate Data and Don't Believe It's Wrong

Companies Failing to Adequately Train Employees in Intellectual Property Theft Awareness

MOUNTAIN VIEW, CA -- (Marketwire) -- 02/06/13 -- Half of employees who left or lost their jobs in the last 12 months kept confidential corporate data, according to a global survey from Symantec (NASDAQ: SYMC), and 40 percent plan to use it in their new jobs. The results show that everyday employees' attitudes and beliefs about intellectual property (IP) theft are at odds with the vast majority of company policies.

Employees not only think it is acceptable to take and use IP when they leave a company, but also believe their companies do not care. Only 47 percent say their organization takes action when employees take sensitive information contrary to company policy and 68 percent say their organization does not take steps to ensure employees do not use confidential competitive information from third-parties. Organizations are failing to create an environment and culture that promotes employees' responsibility and accountability in protecting IP.

Read Blog Post: The "Frenemy" Within: Insider Theft of IP

Click to Tweet: Half of ex-employees steal corporate data and don't believe it's wrong: http://bit.ly/14weERW

Survey Highlights

  • Employees move IP outside the company in all directions, and never clean it up. Sixty-two percent say it is acceptable to transfer work documents to personal computers, tablets, smartphones or online file sharing applications. The majority never delete the data they've moved because they do not see any harm in keeping it.
  • Most employees do not believe using competitive data taken from a previous employer is wrong. Fifty-six percent of employees do not believe it is a crime to use a competitor's trade secret information; this mistaken belief puts their current employers at risk as unwitting recipients of stolen IP.
  • Employees attribute ownership of IP with the person who created it. Forty-four percent of employees believe a software developer who develops source code for a company has some ownership in his or her work and inventions, and 42 percent do not think it's a crime to reuse the source code, without permission, in projects for other companies.
  • Organizations are failing to create a culture of security. Only 38 percent of employees say their manager views data protection as a business priority, and 51 percent think it is acceptable to take corporate data because their company does not strictly enforce policies.


  • Employee education: Organizations need to let their employees know that taking confidential information is wrong. IP theft awareness should be integral to security awareness training.
  • Enforce non-disclosure agreements (NDAs): In almost half of insider theft cases, the organization had IP agreements with the employee, which indicates the existence of a policy alone -- without employee comprehension and effective enforcement -- is ineffective(i). Include stronger, more specific language in employment agreements and ensure exit interviews include focused conversations around employees' continued responsibility to protect confidential information and return all company information and property (wherever stored). Make sure employees are aware that policy violations will be enforced and that theft of company information will have negative consequences to them and their future employer.
  • Monitoring technology: Implement a data protection policy that monitors inappropriate access and use of IP and automatically notifies employees of violations, which increases security awareness and deters theft.


  • "Companies cannot focus their defenses solely on external attackers and malicious insiders who plan to sell stolen IP for monetary gain. The everyday employee, who takes confidential corporate data without a second thought because he doesn't understand it's wrong, can be just as damaging to an organization," said Lawrence Bruhmuller, vice president of engineering and product management, Symantec. "Education alone won't solve the problem of IP theft. Companies need data loss prevention technologies to monitor use of IP and flag employee behavior that puts confidential corporate data at risk. The time to protect your IP is before it walks out the door."
  • "When it comes to trade secret theft by mobile employees, an ounce of prevention is usually worth ten pounds of cure," said Dave Burtt, founder of Mobility Legal P.C. "We consistently see departing employees who don't understand their obligation to keep trade secrets secret, but are just as often faced with companies whose own procedures are sorely lacking when it comes to protecting valuable IP. But everybody loses when a mobile employee steals trade secrets -- the company who invested in the IP, the employee who took it, and the organization that receives it, even unknowingly, who most often is on the hook for defending the litigation that follows. Before employees exit, dust off agreements they likely haven't looked at in years, figure out all of the places the employee has stored sensitive company information and get it back, and ensure that employees understand their continuing obligations not to use or disclose company trade secrets."

Symantec's How Employees are Putting Your Intellectual Property at Risk Survey
Symantec's survey What's Yours Is Mine: How Employees are Putting Your Intellectual Property at Risk was conducted by The Ponemon Institute in October 2012 to examine the problem of IP theft or abuse by employees in the workplace. The results are based on responses from 3,317 individuals in six countries including the United States, United Kingdom, France, Brazil, China and Korea.


Connect with Symantec

About Symantec
Symantec protects the world's information, and is a global leader in security, backup and availability solutions. Our innovative products and services protect people and information in any environment -- from the smallest mobile device, to the enterprise data center, to cloud-based systems. Our world-renowned expertise in protecting data, identities and interactions gives our customers confidence in a connected world. More information is available at www.symantec.com or by connecting with Symantec at: go.symantec.com/socialmedia.

NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products, please visit the Symantec News Room at http://www.symantec.com/news. All prices noted are in U.S. dollars and are valid only in the United States.

Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

FORWARD-LOOKING STATEMENTS: Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and are subject to change. Any future release of the product or planned modifications to product capability, functionality, or feature are subject to ongoing evaluation by Symantec, and may or may not be implemented and should not be considered firm commitments by Symantec and should not be relied upon in making purchasing decisions.

Technorati Tags
Insider threat, IP theft, intellectual property protection, data loss prevention, DLP, security awareness training

(i) Eric D. Shaw, Ph.D., Harley V. Stock, Ph.D, "Behavioral Risk Indicators of Malicious Insider Theft of Intellectual Property: Misreading the Writing on the Wall," 2011, Symantec

Add to Digg Bookmark with del.icio.us Add to Newsvine

Cassie Stevenson
Symantec Corp.
Email Contact

Emily Butler
Connect Marketing
Email Contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

@ThingsExpo Stories
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at @ThingsExpo, James Kirkland, Red Hat's Chief Arch...
SYS-CON Media announced today that @WebRTCSummit Blog, the largest WebRTC resource in the world, has been launched. @WebRTCSummit Blog offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. @WebRTCSummit Blog can be bookmarked ▸ Here @WebRTCSummit conference site can be bookmarked ▸ Here
WebRTC defines no default signaling protocol, causing fragmentation between WebRTC silos. SIP and XMPP provide possibilities, but come with considerable complexity and are not designed for use in a web environment. In his session at @ThingsExpo, Matthew Hodgson, technical co-founder of the Matrix.org, discussed how Matrix is a new non-profit Open Source Project that defines both a new HTTP-based standard for VoIP & IM signaling and provides reference implementations.
Virgil consists of an open-source encryption library, which implements Cryptographic Message Syntax (CMS) and Elliptic Curve Integrated Encryption Scheme (ECIES) (including RSA schema), a Key Management API, and a cloud-based Key Management Service (Virgil Keys). The Virgil Keys Service consists of a public key service and a private key escrow service. 

@ThingsExpo has been named the Top 5 Most Influential Internet of Things Brand by Onalytica in the ‘The Internet of Things Landscape 2015: Top 100 Individuals and Brands.' Onalytica analyzed Twitter conversations around the #IoT debate to uncover the most influential brands and individuals driving the conversation. Onalytica captured data from 56,224 users. The PageRank based methodology they use to extract influencers on a particular topic (tweets mentioning #InternetofThings or #IoT in this ...
@ThingsExpo has been named the Top 5 Most Influential M2M Brand by Onalytica in the ‘Machine to Machine: Top 100 Influencers and Brands.' Onalytica analyzed the online debate on M2M by looking at over 85,000 tweets to provide the most influential individuals and brands that drive the discussion. According to Onalytica the "analysis showed a very engaged community with a lot of interactive tweets. The M2M discussion seems to be more fragmented and driven by some of the major brands present in the...
In his keynote at 19th Cloud Expo, Sheng Liang, co-founder and CEO of Rancher Labs, will discuss the technological advances and new business opportunities created by the rapid adoption of containers. With the success of Amazon Web Services (AWS) and various open source technologies used to build private clouds, cloud computing has become an essential component of IT strategy. However, users continue to face challenges in implementing clouds, as older technologies evolve and newer ones like Docke...
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life sett...
You have great SaaS business app ideas. You want to turn your idea quickly into a functional and engaging proof of concept. You need to be able to modify it to meet customers' needs, and you need to deliver a complete and secure SaaS application. How could you achieve all the above and yet avoid unforeseen IT requirements that add unnecessary cost and complexity? You also want your app to be responsive in any device at any time. In his session at 19th Cloud Expo, Mark Allen, General Manager of...
In the next five to ten years, millions, if not billions of things will become smarter. This smartness goes beyond connected things in our homes like the fridge, thermostat and fancy lighting, and into heavily regulated industries including aerospace, pharmaceutical/medical devices and energy. “Smartness” will embed itself within individual products that are part of our daily lives. We will engage with smart products - learning from them, informing them, and communicating with them. Smart produc...
Just over a week ago I received a long and loud sustained applause for a presentation I delivered at this year’s Cloud Expo in Santa Clara. I was extremely pleased with the turnout and had some very good conversations with many of the attendees. Over the next few days I had many more meaningful conversations and was not only happy with the results but also learned a few new things. Here is everything I learned in those three days distilled into three short points.
SYS-CON Events announced today that Coalfire will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Coalfire is the trusted leader in cybersecurity risk management and compliance services. Coalfire integrates advisory and technical assessments and recommendations to the corporate directors, executives, boards, and IT organizations for global brands and organizations in the technology, cloud, health...
Cloud based infrastructure deployment is becoming more and more appealing to customers, from Fortune 500 companies to SMEs due to its pay-as-you-go model. Enterprise storage vendors are able to reach out to these customers by integrating in cloud based deployments; this needs adaptability and interoperability of the products confirming to cloud standards such as OpenStack, CloudStack, or Azure. As compared to off the shelf commodity storage, enterprise storages by its reliability, high-availabil...
SYS-CON Events announced today that MathFreeOn will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. MathFreeOn is Software as a Service (SaaS) used in Engineering and Math education. Write scripts and solve math problems online. MathFreeOn provides online courses for beginners or amateurs who have difficulties in writing scripts. In accordance with various mathematical topics, there are more tha...
In the next forty months – just over three years – businesses will undergo extraordinary changes. The exponential growth of digitization and machine learning will see a step function change in how businesses create value, satisfy customers, and outperform their competition. In the next forty months companies will take the actions that will see them get to the next level of the game called Capitalism. Or they won’t – game over. The winners of today and tomorrow think differently, follow different...
We all know the latest numbers: Gartner, Inc. forecasts that 6.4 billion connected things will be in use worldwide in 2016, up 30 percent from last year, and will reach 20.8 billion by 2020. We're rapidly approaching a data production of 40 zettabytes a day – more than we can every physically store, and exabytes and yottabytes are just around the corner. For many that’s a good sign, as data has been proven to equal money – IF it’s ingested, integrated, and analyzed fast enough. Without real-tim...
SYS-CON Events announced today that Numerex Corp, a leading provider of managed enterprise solutions enabling the Internet of Things (IoT), will exhibit at the 19th International Cloud Expo | @ThingsExpo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Numerex Corp. (NASDAQ:NMRX) is a leading provider of managed enterprise solutions enabling the Internet of Things (IoT). The Company's solutions produce new revenue streams or create operating...
SYS-CON Events announced today that Transparent Cloud Computing (T-Cloud) Consortium will exhibit at the 19th International Cloud Expo®, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. The Transparent Cloud Computing Consortium (T-Cloud Consortium) will conduct research activities into changes in the computing model as a result of collaboration between "device" and "cloud" and the creation of new value and markets through organic data proces...
Big Data, cloud, analytics, contextual information, wearable tech, sensors, mobility, and WebRTC: together, these advances have created a perfect storm of technologies that are disrupting and transforming classic communications models and ecosystems. In his session at @ThingsExpo, Erik Perotti, Senior Manager of New Ventures on Plantronics’ Innovation team, provided an overview of this technological shift, including associated business and consumer communications impacts, and opportunities it ...
In an era of historic innovation fueled by unprecedented access to data and technology, the low cost and risk of entering new markets has leveled the playing field for business. Today, any ambitious innovator can easily introduce a new application or product that can reinvent business models and transform the client experience. In their Day 2 Keynote at 19th Cloud Expo, Mercer Rowe, IBM Vice President of Strategic Alliances, and Raejeanne Skillern, Intel Vice President of Data Center Group and ...