The company monitored more than 100,000 hours of user activity at customer sites with more than 1,000 employees in the UK and Europe in the past year to analyse the ways users accessed, processed, stored and transmitted corporate-sensitive information.
The research found that trusted users were the biggest sources of information leaks such as IT personnel (30%), customer service staff (22%), third parties (16%), sales staff (12%) and the operations department (10%).
"Companies need to address the insider as the primary threat to their business. Until this is done no real security can be achieved," said Richard Hollis, managing director of Orthus.
The research was done using software agents on endpoints, servers and terminal servers. The software recorded evidence of data being removed through unauthorised actions.