SOURCE: Symantec


February 23, 2009 08:00 ET

More Than Half of Ex-Employees Admit to Stealing Company Data According to New Study

Survey Conducted by the Ponemon Institute and Symantec Reveals Companies Lack Adequate Data Loss Prevention Controls

CUPERTINO, CA and TRAVERSE CITY, MI--(Marketwire - February 23, 2009) - Symantec Corp. (NASDAQ: SYMC) and the Ponemon Institute, a leading privacy and information management research firm, today announced the findings of a joint survey of employees who lost or left a job in 2008, which revealed 59 percent of ex-employees admit to stealing confidential company information, such as customer contact lists. The results also show that if respondents' companies had implemented better data loss prevention policies and technologies, many of those instances of data theft could have been prevented.

Of respondents who admitted to taking company data, 61 percent also reported having an unfavorable view of their former employer. The most commonly identified kinds of records taken included e-mail lists, employee records, customer information including contact lists, and non-financial information. Although respondents were spread across many different industries, the highest percentage of survey responses came from the financial services industry.


  • 53 percent of respondents downloaded information onto a CD or DVD, 42 percent onto a USB drive and 38 percent sent attachments to a personal e-mail account.
  • 79 percent of respondents took data without an employer's permission.
  • 82 percent of respondents said their employers did not perform an audit or review of paper or electronic documents before the respondent left his/her job.
  • 24 percent of respondents had access to their employer's computer system or network after their departure from the company.

The Ponemon Institute conducted the web-based survey in January 2009, polling nearly 1,000 adult participants located in the United States who left an employer within the past 12 months.


  • "Data loss during downsizing is preventable. We can prevent employees from emailing sensitive content to personal Webmail accounts or downloading it onto USB drives," said Rob Greer, senior director of product management for Data Loss Prevention solutions at Symantec. "Companies need to implement data loss prevention technologies so they know exactly where sensitive data resides, how it is being used, and prevent it from being copied, downloaded or sent outside the company."

  • "The survey's findings should sound the alarm across all industries: your sensitive data is walking out the door with your employees. Even if layoffs are not imminent, companies need to be more aware of who has access to sensitive business information," said Larry Ponemon, chairman and founder, Ponemon Institute, LLC. "Our research suggests that a great deal of data loss is preventable through the use of clear policies, better communication with employees, and adequate controls on data access."

About The Ponemon Institute

The Ponemon Institute© is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries. Visit the Ponemon Institute at

About Symantec Data Loss Prevention

Symantec delivers the industry's only unified platform to discover, monitor and protect confidential data. Symantec Data Loss Prevention gives organizations new confidence to demonstrate compliance while protecting their customers, brand, and intellectual property, including more than 30 percent of the Fortune 100. Symantec's Data Loss Prevention solutions comprehensively protect confidential data across endpoint, network and storage systems.

About Symantec

Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at

NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products, please visit the Symantec News Room at All prices noted are in U.S. dollars and are valid only in the United States.

Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and are subject to change. Any future release of the product or planned modifications to product capability, functionality or feature are subject to ongoing evaluation by Symantec, and may or may not be implemented and should not be considered firm commitments by Symantec and should not be relied upon in making purchasing decisions.


Survey Results

- Data Loss Risks During Downsizing

Related Information

- Symantec Data Loss Prevention 9.0

- The Ponemon Institute


- Symantec Data Loss Prevention 9.0

Contact Information