Companies fail to have secure exit strategy

UK companies are too slow to cancel IT resources to people leaving their organisation.

UK companies are too slow to cancel IT resources to people leaving their organisation.
Research by application connectivity company Citrix Systems found that 23% of companies do not immediately revoke network access privileges for departing employees, making critical data and systems vulnerable to competitors.

E-mail and calendars were the IT resources most open to external access by ex-employees, found Citrix.  Confidential company documents and financial systems were also high on the list.

Thomas Raschke, analyst at IDC, said, “Firms need to build in rules saying when and what people can get access to from the corporate network. Access management is often an overlooked part of the business.”

Citrix found that some companies do not turn off access rights to ex-employees for weeks, months or even years in some cases.

“Web-based architecture has extended the corporate computing environment to enable teleworking and mobile computing, but such freedom comes at a cost,” said Lewis Gee, Citrix UK managing director.

The most open resources open to ex-employees were: e-mail and calendar (94%), confidential company documents (75%), contact databases (58%), administration systems (58%), financial systems (46%), and information resources, eg Lexis Nexis (27%).

“In today’s business environment, bespoke research, customer information and other commercially-sensitive information – such as tenders – are valuable commodities,” added Gee.

“No company can afford to give this information away, particularly when you consider that so many ex-employees are lured away to ply their knowledge, expertise and access rights at a rival company,” he said.

For more news on managed applications  click here >>

Read more on IT strategy