The last 18 months have been aptly referred to as ‘the great resignation’, a period of time in which employees are quitting their jobs in vast numbers. A likely recession on the horizon could see another wave of turnover in the coming quarters.
In 2021, 47.8 million workers in the US quit their jobs, an average of nearly 4 million each month, meaning 2021 holds the highest average on record. Things show no sign of slowing this year, with 44% of employees considering themselves “job seekers”.
We’re not an HR company, so we’re not going to tell you how to boost your employee retention rates or anything like that. However, when it comes to cyber security, the great resignation has a lot of implications for your sensitive data.
Watch out for the departing employee
Here’s the thing: departing employees are a type of insider threat. Whether the employee on their way out intentionally sets out to exfiltrate sensitive data, or does so without realizing it’s against company policy, many tend to take streams of confidential information with them. This typically includes data like:
- Customer and partner contact information, including PII
- Salesforce data
- Process documents
- Intellectual property
- Business strategies and plans
Most of the time, these employees aren’t setting out to hurt your business. They simply want to retain access to data that could be valuable in their next position. Then again, there are also those rare employees who do have malicious intentions: those who feel like they have a point to prove, or who have been treated unfairly and want to take vengeance in some way.
Regardless of motive, data exfiltration could be big trouble for your company – especially if PII, PHI or financial data is involved. From a compliance perspective, loss or theft of this data could result in steep fines and loss of customer trust.
Why are departing employees a bigger threat than ever?
While employees who have handed in their notice have always been a threat to data security, the great resignation has supercharged this risk. In line with this, recent research shows that insider threats are the number one priority CISOs want to address in 2022, and 50% of CISOs feel it’s harder to protect data due to the great resignation.
So, why is this the case? Beyond the fact that more employees are leaving than ever before, today’s working environment also makes it really challenging to protect and secure data consistently.
With the move to hybrid and remote work, employees and corporate data no longer reside within the corporate network. Now, data is spread across cloud applications like Slack, Teams, Google Workspace and many more. Your employees are also downloading sensitive data to their laptops and cellphones, possibly even transferring information to their personal devices without your knowledge.
All of this means that it’s really difficult for security teams to gain a clear, enterprise-wide picture of where sensitive data is, who has access to it and how it’s being used.
Unfortunately, as we know, ignorance isn’t bliss when it comes to data security. If you don’t get a handle on the great resignation and data exfiltration, you could end up in the headlines for a data breach.
How to minimize the risks of data loss associated with the great resignation
Now that you understand how the great resignation could impact data security and compliance, it’s time to put a strategy in place for secure employee offboarding. Here’s what to do:
Put in place an automated off-boarding process, with specific measures for different roles
The IT, security and HR teams should collaborate to create an off-boarding roadmap for employees. Avoid using a generic template for all of your people. Instead, create role-specific processes. For example, an IT employee who has handed in their notice should be treated differently from a marketing graduate, as they’ll have access to different kinds of data and have different levels of privileges.
To avoid this process becoming time-consuming and overwhelming, make use of automated tools where you can.
Follow through with the principle of zero trust for exiting employees
As we’ve discussed in our guide to zero trust, this concept refers to the idea that organizations should verify every person and device attempting to access their systems and data, whether they are inside or outside the network perimeter, before permitting access.
For employees on the way out, you should tailor their network, email and cloud system access once they’ve handed in their resignation. Of course, in some instances, the employee will still need access to data and systems to do their jobs – but you should implement the principle of least privilege to ensure they’re not harvesting any data they shouldn’t be.
Embrace DLP for SaaS
A huge part of secure offboarding is ensuring that your employees aren’t downloading sensitive information from cloud applications. To that end, you should use cloud-based DLP to ensure that your employees follow proper offboarding procedures.
Of course, not all DLP is created equal. Check out our DLP buyer’s guide to help you sift through this crowded market.
Train your employees on proper data handling
In addition, it’s worth making clear to your employees what you expect of them during their resignation period. Make sure that they know that downloading and keeping hold of company information after they resign is against the law.
How Polymer can help you beat insider threats
Polymer’s SaaS DLP is designed to stop insider threats in their tracks. Here’s how our solution can help you tackle the security implications of the great resignation:
- Monitor your users for risky behavior: Polymer uses machine learning to automatically track user access and actions across SaaS apps for an in-depth analysis of behavior. If users perform risky actions, our engine will automatically redact or block the user, while alerting your IT team so you can undertake further investigation if necessary.
- Detect and prevent data exfiltration across SaaS apps: Our solution works by discovering and protecting sensitive data to ensure it is only accessed and edited by authorized users. It can discover both structured and unstructured data across your cloud applications – meaning it can find sensitive information in documents, chats, databases and more. Once identified, it uses automation and a self-learning engine to take the most sensible, secure steps to safeguard your data as users access it, based on the principles of zero trust.
- Home in on departing employees: Polymer is designed to track what kind of data (document types and the entities found in them) an employee is working with and how it is being shared. Our approach is to compute metrics from various dimensions over SaaS platforms to create a Data Exposure Risk Score. This score encapsulates the frequency and severity of individual users, so you can take appropriate action.
- Educate your people on better security: Security awareness and periodic training are important but often fall short in changing behavior. Polymer’s SaaS DLP nudges users when sensitive data is shared insecurely, providing continuous training and driving real results, while automatic remediation provides an extra safety net.
- Achieve security without overworking your team: Our product requires little intervention. It uses AI and machine learning to automate the process of data discovery and protection – only alerting your IT team to extremely high-risk cases that need attention. Otherwise, the solution works in the background, ensuring that your employees don’t interact with any data that they shouldn’t be.