Study finds many former employees maintain access to corporate applications

July 21, 2017
Failure to de-provision employees has caused a data breach at 20 percent of the companies represented in the survey

San Francisco, Calif., July 13, 2017 – Despite businesses of all sizes becoming increasingly security conscious, a new study from OneLogin, the identity management provider bringing speed and integrity to the modern enterprise, reveals many businesses aren’t doing enough to guard against security threats brought on by ex-employees. 

The research is based on the results of a quantitative survey completed by 500 U.S.-based IT decision makers. Each of the respondents serves in a corporate IT department where they have some level of responsibility for the company’s IT security. All of the companies represented provision and de-provision employee logins in-house. Quotas were applied to gender, the age of respondent and the region in which they reside to ensure that the sample was nationally representative.

According to 20 percent of the respondents, failure to de-provision employees from corporate applications has contributed to a data breach at their organization. The research found that nearly half (48 percent) of respondents are aware of former employees who still have access to corporate applications, with 50 percent of IT decision-makers saying ex-employees’ accounts remain active for longer than a day once they have left the company. A quarter (25 percent) of respondents take more than a week to de-provision a former employee and a quarter (25 percent) don’t know how long accounts remain active once the employee has left the company.

The study finds close to half (44 percent) of respondents lack confidence that former employees have been removed from corporate networks at all. This points to an increasing need for companies to use a security information and event management (SIEM) system, which nearly half (41 percent) aren’t currently using. A SIEM solution can help monitor employee app usage to detect threats to the corporate network. Integrating a SIEM solution with the company’s identity and access management system can help enforce login policies across the entire application portfolio, giving businesses another layer of security.

“The bottom-line is that companies aren’t following very basic but essential security measures around employee provisioning and de-provisioning,” said Alvaro Hoyos, chief information security officer, OneLogin. “This should be a cause for concern among business leaders, especially considering how many data breaches are caused by ex-employees.”

“That said, at least now we’re at a point where we are acknowledging there is a problem,” added Hoyos. “The next step is going to be for IT decision-makers to be proactive about addressing this issue. Modern enterprises need technology that can automate the provisioning processes to help companies become more secure, productive, and efficient.”


About OneLogin, Inc.

OneLogin brings speed and integrity to the modern enterprise with an award-winning single sign-on (SSO) and cloud identity and access management (IAM) platform. Our portfolio of solutions secures connections across all users, all devices, and every application, helping enterprises drive new levels of business integrity, operational velocity, and team efficiency across all their cloud and on-premise applications. OneLogin manages and secures millions of identities around the globe. We are headquartered in San Francisco, California. For more information, visit www.onelogin.com, Blog, Facebook, Twitter, or LinkedIn.