A big source of theft of corporate data and trade secrets is former employees of the company, a research report said Wednesday.
The survey by the security firm Symantec found that half of employees who left or lost their jobs in the last 12 months kept confidential corporate data, and 40 percent plan to use it in their new jobs.
"This means valuable intelligence is falling into the hands of competitors," said Symantec's Robert Hamilton in a blog post accompanying the report.
"Ultimately, this puts everyone at risk -- the employee who takes the IP (intellectual property), the organization that invested in it and the new employer who unwittingly receives it. Everyone can be held accountable, and no one wins."
Hamilton said it was "startling" that many employees "don't think taking corporate data is wrong. Sixty-two percent of employees think it's acceptable to transfer corporate data to their personal computers, tablets, smartphones and cloud file-sharing apps. And once the data is there, it stays there -- most employees never delete it."
He added that "underlying this belief is a lack of understanding who owns the IP. The survey shows that employees attribute ownership of IP to the person who created it" and that companies fail to clearly indicate that they own the data.
Symantec said the report highlights that corporate security must consider how to deal with the threats from within.
"Companies cannot focus their defenses solely on external attackers and malicious insiders who plan to sell stolen IP for monetary gain," said Lawrence Bruhmuller, Symantec's vice president of engineering and product management.
"The everyday employee, who takes confidential corporate data without a second thought because he doesn't understand it's wrong, can be just as damaging to an organization."