Skip to content

Employees Have No Qualms About Stealing Data

Iron Mountain announced its latest survey suggests that many employees have no qualms about taking highly confidential or sensitive documents with them when they leave a company.

For more information visit:

Unedited press release follows:

When employees leave so does your data, research reveals

Iron Mountain study shows sensitive customer data to be the main target for half (51%) of employees taking information when they exit

London, UK – July 16. One in three (32%) employees have taken or forwarded confidential information out of the office on more than one occasion, according to a recent survey[i] commissioned by information management company, Iron Mountain. When people change jobs, highly sensitive information is particularly vulnerable. The study showed that many employees have no qualms about taking highly confidential or sensitive documents with them when they leave – and most believe they’re doing nothing wrong.

The survey discovered that half (51 per cent) of European office workers who take information from their current employer when they switch jobs – 44 per cent of those in the UK – are helping themselves to confidential customer databases, despite data protection laws and records management policies forbidding them to do so.

Along with databases, employees who take information are walking out the door armed with presentations [46 per cent], company proposals [21 per cent], strategic plans [18 per cent] and product/service roadmaps [18 per cent] – all of which represent highly sensitive and valuable information, critical to a company’s competitive advantage, brand reputation and customer trust.

The study found that employees who resign don’t generally take information out of malice; they do so because they feel a sense of ownership or believe it will be useful in their next role. Two thirds said they had taken or would take information they had been involved in creating, and 72 per cent said they believed the information would be helpful in their new job.

The picture changes, however, when employees lose their job. The study revealed that as many as one in three office workers (31 per cent) would deliberately remove and share confidential information if they were fired.

“As businesses across Europe rush to tighten up their data protection policies in advance of new EU legislation, it is extremely worrying to see that employees are leaving jobs with highly sensitive information,” said Patrick Keddy, Senior Vice President at Iron Mountain. “Companies concerned about information security tend to focus on building a fortress around their digital data and then forget about the paper and the people.

“This study provides a fascinating insight into what people feel they have ownership of and why. The findings highlight the need for information management policies to be developed closely with Human Resources as part of a Corporate Information Responsibility programme. Firms of all sizes, across all business sectors, need to ensure that employee-exit procedures are robust and compassionate, and that guidelines recognise that how people feel directly influences their behaviour and actions.”

The study suggested that a lack of appropriate information management policies or their ineffective implementation could be a powerful factor in information loss. Only around half [57 per cent] of respondents said it was always clear when information was confidential, and a third [34.4 per cent] said they were not aware of any company guidelines regarding what information could or could not be removed from the office.

The Iron Mountain study surveyed 2000 office workers of all ages and across all business sectors in France, Germany, Spain and the UK.

About Iron Mountain:
Iron Mountain Incorporated (NYSE: IRM) provides information storage and management services that help organisations lower the costs, risks and inefficiencies of managing their physical and digital data. The Company’s solutions enable customers to protect and better use their information so they can optimise their business and ensure proper recovery, compliance and discovery. Founded in 1951, Iron Mountain manages billions of information assets, including business records, electronic files, medical data and more for organisations around the world.