This article reminded me of a statistic I saw during a presentation on insider threats last week. In a recent survey, over one third of employees would willingly sell their passwords/access to anyone, some for as little as $150.
See the problem here is that while so many people are starting to wake up to the data security problem that we have, and some are even starting to realize that the people who have access to that data are the most important link to that data when it comes to keeping it secure, I don’t know that many are correlating that fact with just how disengaged some of their employees are.
An employee who would sell their access credentials for cash, is an employee who doesn’t care at all about the organization they work for, and in many cases, why should they? Yes, it’s unprofessional, and illegal, and I can give you a host of other reasons why anyone should at least care enough not to do this, but I also understand it. I’ve worked at jobs I’ve hated, for organizational “leaders” I had no respect for, for managers who showed no respect for the people doing the actual work, and so on. It’s a miserable existence, and after I left, I felt zero sympathy for the company when bad things happened.
Given those sort of working conditions, is it any wonder your employee would sell you out?