Businesses across the U.S. are facing a serious risk to their data in the cloud – and they may not even realize it – as employee turnover increases. The phenomenon that analysts call “The Great Resignation” is growing to record numbers of people changing employment in 2021 and, overall, could impact 26 percent of the workforce.
Reasons for the resignations vary – as does the potential risks they pose to your organization. For example, some people, particularly in healthcare, retail, and hospitality, are driven to a change due to burnout after working on the front lines during the pandemic and picking up the slack on understaffed shifts. Some of these people fall into the category of “disgruntled employees,” who may want to create some havoc before they leave your company – and deleting or corrupting data are ways to do that.
Other employees are making a change to pursue new opportunities, which is often the case in the technology industry. Tech professionals are giving up tenure in established companies to join startups or companies just going public. If any unscrupulous employees fall into this group, they may want to take data with them or maintain access to it to gain an advantage in their new positions.
While your managers’ backs are turned, an employee with malicious intent may be engaging in activity that could threaten data security – or even lead to a data breach. An employee about to leave your company could:
Cloud platforms such as Google Workspace and Microsoft 365 provide your teams with many benefits, including easy communications, the ability to work on projects collaboratively, and cloud storage. However, they also give a document’s owner or editor the ability to add collaborators. An employee who wants to maintain access to information in particular files may add a personal email address to the list of people who can access the file so that they can keep tabs on your customers, financials, IP, or other information.
If you pull reports on cloud solution activity and see that large volumes of data have been exfiltrated, it could indicate that a former employee took data before leaving your company. One tactic that an employee could use is to make copies of the data and move those files to a personal OneDrive or Google Drive account
Cloud solutions include security features that enable the owner or editor to decide how collaborators interact with the data. During a two-week notice period, an employee could change permissions to unrestricted activity so that anyone can view, edit, or upload data. If the employee saves the link to the file, then access is just a click away.
You don’t need to become a victim of malicious activity by employees who are leaving your organization. Measures you can take include:
Additionally, it’s a good idea to own all files and documents that contain your data – don’t give another person or organization the power to delete, edit, or access sensitive information.
If your business is one of those impacted by The Great Resignation, your team may not be able to find the time to make changes in your cloud platforms to restrict access to data and to monitor employees’ activities until they turn in their keys.
Fortunately, there is technology that can monitor who is accessing your data and where it’s going even when you can’t. Strengthen your security posture with a solution that continuously and intelligently monitors your data and alerts you of activities that don’t comply with your data protection strategy. An AI-powered solution that understands which information is critical and must be protected will put your mind at ease during transition times as employees leave your organization – or at any time when errors can occur.
For more information on how to keep your company data safe during periods of employee turnover, read our white paper, “The Great Resignation” Data Protection: Guard Against Risks During Off-Boarding.