UK THRIVING DATA THEFT CULTURE IN UK WORKPLACE Security Park - Thriving data theft culture in the UK workforce:
Thriving data theft culture in the UK workforce

Most organisations allocate significant budgets to IT security, putting in complex IT defences to protect from external threats yet managers are failing to address the thriving data theft culture of the UK workforce.

Independent research from Prefix IT reveals that lax management attitudes have allowed a culture of data theft to flourish in the British workplace. A picture of poor processes, policy creation and communication shows that management practices are badly out of step with today’s office morals; 60% of workers admit to theft of confidential documents, customer databases, business contacts and sales leads.

Data theft is endemic, yet only 7% of managers believe their companies have been affected by the issue and 29% of managers say the topic is not recognised at board level. This climbs to 50% in SMEs. Few employees are aware of security measures or company policies that prevent workplace theft and the majority of workers do not believe it is ‘wrong’ to steal from the office.

Graeme Pitts-Drake, CEO of Prefix IT, said: “Whilst trust in staff is laudable, it is professionally negligent not to protect company assets appropriately through policy and technical means. Failing to communicate with staff about un-acceptable activities is tantamount to endorsing theft.

Part 2 of the Prefix Security Report includes the responses of over 1,000 UK workers:
· 73% of workers are unaware of any special security measures to prevent workplace theft
· 44% of employees are unaware of policy explaining what can and cannot be taken home
· 63% say there are no restrictions on using personal portable devices eg USB memory sticks in the workplace
· 63% of workers believe employees ‘think nothing of taking things from the workplace’
· 30% of workers (37% of men) believe sales leads/business contacts are rightfully theirs

Those leaving a job are a particular threat, 65% consider taking data including sales leads. This figure rose to 72% amongst the 45-54 year age group and although lowest amongst employees of large SMEs (501- 1,000 employees) it was still 58%. Generally, 36% admitted they might download data to help in a new job.

By comparison, stationery theft was ‘small fry’ as only 25% said they would bother. Part 1 of the Prefix report revealed that the danger of data theft is compounded due to widespread ownership of personal storage devices (78% of the workforce), such as USB memory sticks or iPods. Pitts-Drake again: “In 10 seconds staff can download 10 mbs of data to a device that cost them £10, that’s the equivalent of 20,000 customer records. UK managers are living in dreamland if they think thattheft doesn’t happen in their organisation, it’s a fact of business life today.”

Only 30% of managers said that guarding against data theft is a ‘key priority for the business’. In the SME sector this figure was markedly lower; 22% for small SMEs (51-250) and 28% for mid-sized SMEs (251-500).

Mid-sized SMEs (51-250 employees) have the biggest problem, as 36% of employees ‘have no issue’ with taking leads and database information. Graduate trainees pose the biggest threat; 55% believe there is no moral dilemma involved.

Over a quarter (27%) disagreed that ‘taking things from work was the same as stealing’. This response was strongest amongst 16-24 year olds (49%) and graduate trainees (41%). Supporting the theory that officetheft is not only widespread but accepted practice, more than half (56%) of respondents agreed that ‘companies expect a certain amount of things to go walkabout’. The belief that officetheft is accepted by employers was very strong amongst 25-34 year olds (63%) and those working in the capital (64%).