Click here to close now.


Agile Computing Authors: Yeshim Deniz, Pat Romanski, SmartBear Blog, Elizabeth White, Liz McMillan

News Feed Item

The ex-employee menace: 89% retain access to Salesforce, QuickBooks & other sensitive corporate apps

Intermedia's 2014 SMB Rogue Access Study explores the security threat posed by former employees.

MOUNTAIN VIEW, Calif., Aug. 12, 2014 /PRNewswire/ -- Every month, hundreds of thousands of Americans leave their jobs. And they're bringing their IT access with them—from passwords to the corporate Twitter account to confidential files stored in personal Dropbox accounts.

To view the multimedia assets associated with this release, please click

This data comes from the 2014 Intermedia SMB Rogue Access Study, which was released today. Based on a survey of knowledge workers performed by Osterman Research, this study quantifies the staggering scope of the "Rogue Access" problem. And it presents a wake-up call for every business in the country.

Read the Rogue Access report at Some of the more shocking findings include:

  • 89% of those surveyed retained access to Salesforce, PayPal, email, SharePoint or other sensitive corporate apps
  • 45% retained access to "confidential" or "highly confidential" data
  • 49% actually logged into ex-employer accounts after leaving the company
  • 68% admitted to storing work files in personal cloud storage services

"Most small businesses think 'IT security' applies only to big businesses battling foreign hackers," says Michael Gold, President of Intermedia. "This report should shock smaller businesses into realizing that they need to protect their leads databases, financial information and social reputation from human error as well as from malicious activity."

These risks have both technical and procedural causes. In fact, one of the weakest points identified in the report is the lack of formal "IT offboarding" procedures: 60% of respondents said they were NOT asked for their cloud logins when they left their companies.

From lost data to compliance failures: the wide-ranging risks of Rogue Access

The risks of Rogue Access are endless. Disgruntled ex-employees could steal money from PayPal, falsify financial details in Quickbooks, or post inappropriately on company social media. Well-intentioned ex-employees might purge important files from their personal cloud storage. And there are legal risks as well, such as the inability to complete eDiscovery or the failure to comply with regulatory obligations to protect sensitive data.

"I've heard a lot of stories about sales people who export customer lists or users who wipe all their data," says Felix Yanko, president of Pittsburgh-based ServNet Tech, an IT consultant and Intermedia partner. "For a small business particularly, 'Rogue Access' creates a huge risk: if something happens that affects their clients and they get sued, they usually go out of business."

Three solutions to the Rogue Access challenge

To help businesses regain control over access to their IT apps, Intermedia's report presents three solutions:

  • First, companies should implement strict access and user lifecycle management policies, including a stringent IT offboarding checklist. Intermedia has developed a collection of best practices as well as an IT offboarding checklist, and made them free to download.
  • Second, companies should offer business-grade cloud storage that's as easy to use as consumer-grade services. This makes it less likely that employees will use personal services that lack high levels of IT control and protection.
  • Finally, companies should provide users with single sign-on portals. SSO portals are a fast-trending IT tool for a reason: they give users a single point of entry into the cloud, which makes it much easier for IT to manage and track access.

"People want to work at home. They want files available when they're traveling. But when a company puts this functionality into place in an organic, uncoordinated way, there are real risks they may not have considered," says Michael Osterman, President of Osterman Research. "This report provides direction for these companies to regain control over their cloud."

For more information—including a downloadable list of IT access best practices and an IT offboarding checklist—read Intermedia's Rogue Access report at You can also follow @intermedia_net on Twitter or participate in the conversation at #StopRogueAccess.

About Intermedia

Intermedia is the world's largest one-stop shop for cloud business applications. Its Office in the Cloud™ suite integrates all of the essential IT services that SMBs need to do business, including email, voice, file sync and share, single sign-on, security, mobility, archiving and more.

Intermedia's services thwart the ex-employee menace by making it simple to revoke access to the entire cloud footprint with just one click. All of its services are integrated, secure, mobile-ready and managed from a single control panel. And they all offer enterprise-grade security, 99.999% availability and 24/7 phone support with hold times of less than 60 seconds.

Intermedia's 600 employees work relentlessly to provide its 60,000 customers, 1 million users and 5,000 active partners with a Worry-free Experience™. Learn more at

Kristen Berry, (650) 691-7318, [email protected]

Rogue Access -- the Ex-Employee Menace


Intermedia’s Rogue Access report highlights the ex-employee menace.


How to stop Rogue Access


Rogue Access — your confidential files are at risk.


To view the multimedia assets associated with this release, please click

SOURCE Intermedia

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@ThingsExpo Stories
Apps and devices shouldn't stop working when there's limited or no network connectivity. Learn how to bring data stored in a cloud database to the edge of the network (and back again) whenever an Internet connection is available. In his session at 17th Cloud Expo, Bradley Holt, Developer Advocate at IBM Cloud Data Services, will demonstrate techniques for replicating cloud databases with devices in order to build offline-first mobile or Internet of Things (IoT) apps that can provide a better, faster user experience, both offline and online. The focus of this talk will be on IBM Cloudant, Apa...
NHK, Japan Broadcasting will feature upcoming @ThingsExpo Silicon Valley in a special IoT documentary which will be filmed on the expo floor November 3 to 5, 2015 in Santa Clara. NHK is the sole public TV network in Japan equivalent to BBC in UK and the largest in Asia with many award winning science and technology programs. Japanese TV is producing a documentary about IoT and Smart technology covering @ThingsExpo Silicon Valley. The program will be aired during the highest viewership season of the year that it will have a high impact in the industry through this documentary in Japan. The film...
WebRTC is about the data channel as much as about video and audio conferencing. However, basically all commercial WebRTC applications have been built with a focus on audio and video. The handling of “data” has been limited to text chat and file download – all other data sharing seems to end with screensharing. What is holding back a more intensive use of peer-to-peer data? In her session at @ThingsExpo, Dr Silvia Pfeiffer, WebRTC Applications Team Lead at National ICT Australia, will look at different existing uses of peer-to-peer data sharing and how it can become useful in a live session to...
SYS-CON Events announced today that Luxoft Holding, Inc., a leading provider of software development services and innovative IT solutions, has been named “Bronze Sponsor” of SYS-CON's @ThingsExpo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Luxoft’s software development services consist of core and mission-critical custom software development and support, product engineering and testing, and technology consulting.
The enterprise is being consumerized, and the consumer is being enterprised. Moore's Law does not matter anymore, the future belongs to business virtualization powered by invisible service architecture, powered by hyperscale and hyperconvergence, and facilitated by vertical streaming and horizontal scaling and consolidation. Both buyers and sellers want instant results, and from paperwork to paperless to mindless is the ultimate goal for any seamless transaction. The sweetest sweet spot in innovation is automation. The most painful pain point for any business is the mismatch between supplies a...
As a company adopts a DevOps approach to software development, what are key things that both the Dev and Ops side of the business must keep in mind to ensure effective continuous delivery? In his session at DevOps Summit, Mark Hydar, Head of DevOps, Ericsson TV Platforms, will share best practices and provide helpful tips for Ops teams to adopt an open line of communication with the development side of the house to ensure success between the two sides.
There are so many tools and techniques for data analytics that even for a data scientist the choices, possible systems, and even the types of data can be daunting. In his session at @ThingsExpo, Chris Harrold, Global CTO for Big Data Solutions for EMC Corporation, will show how to perform a simple, but meaningful analysis of social sentiment data using freely available tools that take only minutes to download and install. Participants will get the download information, scripts, and complete end-to-end walkthrough of the analysis from start to finish. Participants will also be given the pract...
As more and more data is generated from a variety of connected devices, the need to get insights from this data and predict future behavior and trends is increasingly essential for businesses. Real-time stream processing is needed in a variety of different industries such as Manufacturing, Oil and Gas, Automobile, Finance, Online Retail, Smart Grids, and Healthcare. Azure Stream Analytics is a fully managed distributed stream computation service that provides low latency, scalable processing of streaming data in the cloud with an enterprise grade SLA. It features built-in integration with Azur...
WebRTC: together these advances have created a perfect storm of technologies that are disrupting and transforming classic communications models and ecosystems. In his session at WebRTC Summit, Cary Bran, VP of Innovation and New Ventures at Plantronics and PLT Labs, will provide an overview of this technological shift, including associated business and consumer communications impacts, and opportunities it may enable, complement or entirely transform.
WebRTC services have already permeated corporate communications in the form of videoconferencing solutions. However, WebRTC has the potential of going beyond and catalyzing a new class of services providing more than calls with capabilities such as mass-scale real-time media broadcasting, enriched and augmented video, person-to-machine and machine-to-machine communications. In his session at @ThingsExpo, Luis Lopez, CEO of Kurento, will introduce the technologies required for implementing these ideas and some early experiments performed in the Kurento open source software community in areas ...
Who are you? How do you introduce yourself? Do you use a name, or do you greet a friend by the last four digits of his social security number? Assuming you don’t, why are we content to associate our identity with 10 random digits assigned by our phone company? Identity is an issue that affects everyone, but as individuals we don’t spend a lot of time thinking about it. In his session at @ThingsExpo, Ben Klang, Founder & President of Mojo Lingo, will discuss the impact of technology on identity. Should we federate, or not? How should identity be secured? Who owns the identity? How is identity ...
Developing software for the Internet of Things (IoT) comes with its own set of challenges. Security, privacy, and unified standards are a few key issues. In addition, each IoT product is comprised of at least three separate application components: the software embedded in the device, the backend big-data service, and the mobile application for the end user's controls. Each component is developed by a different team, using different technologies and practices, and deployed to a different stack/target - this makes the integration of these separate pipelines and the coordination of software upd...
WebRTC has had a real tough three or four years, and so have those working with it. Only a few short years ago, the development world were excited about WebRTC and proclaiming how awesome it was. You might have played with the technology a couple of years ago, only to find the extra infrastructure requirements were painful to implement and poorly documented. This probably left a bitter taste in your mouth, especially when things went wrong.
WebRTC converts the entire network into a ubiquitous communications cloud thereby connecting anytime, anywhere through any point. In his session at WebRTC Summit,, Mark Castleman, EIR at Bell Labs and Head of Future X Labs, will discuss how the transformational nature of communications is achieved through the democratizing force of WebRTC. WebRTC is doing for voice what HTML did for web content.
The broad selection of hardware, the rapid evolution of operating systems and the time-to-market for mobile apps has been so rapid that new challenges for developers and engineers arise every day. Security, testing, hosting, and other metrics have to be considered through the process. In his session at Big Data Expo, Walter Maguire, Chief Field Technologist, HP Big Data Group, at Hewlett-Packard, will discuss the challenges faced by developers and a composite Big Data applications builder, focusing on how to help solve the problems that developers are continuously battling.
Nowadays, a large number of sensors and devices are connected to the network. Leading-edge IoT technologies integrate various types of sensor data to create a new value for several business decision scenarios. The transparent cloud is a model of a new IoT emergence service platform. Many service providers store and access various types of sensor data in order to create and find out new business values by integrating such data.
SYS-CON Events announced today that IBM Cloud Data Services has been named “Bronze Sponsor” of SYS-CON's 17th Cloud Expo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. IBM Cloud Data Services offers a portfolio of integrated, best-of-breed cloud data services for developers focused on mobile computing and analytics use cases.
In his session at @ThingsExpo, Tony Shan, Chief Architect at CTS, will explore the synergy of Big Data and IoT. First he will take a closer look at the Internet of Things and Big Data individually, in terms of what, which, why, where, when, who, how and how much. Then he will explore the relationship between IoT and Big Data. Specifically, he will drill down to how the 4Vs aspects intersect with IoT: Volume, Variety, Velocity and Value. In turn, Tony will analyze how the key components of IoT influence Big Data: Device, Connectivity, Context, and Intelligence. He will dive deep to the matrix...
When it comes to IoT in the enterprise, namely the commercial building and hospitality markets, a benefit not getting the attention it deserves is energy efficiency, and IoT’s direct impact on a cleaner, greener environment when installed in smart buildings. Until now clean technology was offered piecemeal and led with point solutions that require significant systems integration to orchestrate and deploy. There didn't exist a 'top down' approach that can manage and monitor the way a Smart Building actually breathes - immediately flagging overheating in a closet or over cooling in unoccupied ho...
SYS-CON Events announced today that Cloud Raxak has been named “Media & Session Sponsor” of SYS-CON's 17th Cloud Expo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Raxak Protect automates security compliance across private and public clouds. Using the SaaS tool or managed service, developers can deploy cloud apps quickly, cost-effectively, and without error.