Sixty-two percent of respondents felt it is acceptable to transfer work documents to personal computers, tablets, smartphones or online file sharing applications, owing mainly to the BYOD culture. The majority never delete the data they’ve moved because they do not see any harm in keeping it. Fifty-six percent of employees do not believe it is a crime to use a competitor’s trade secret information. Forty-four percent of employees believe a software developer who develops source code for a company has some ownership in his or her work and inventions, and 42 percent do not think it’s a crime to reuse the source code, without permission, in projects for other companies.
The study recommended that IP theft awareness should be integral to security awareness training in organizations. Existing non-disclosure agreements (NDAs) must be enforced strictly. A data protection policy that monitors inappropriate access and use of IP and automatically notifies employees of violations would also deter theft and increase security.
Symantec, in association with the Ponemon Institute had conducted a similar study in 2011, titled “Cost of Data Breach Study: United States”, which revealed negligent insiders were the top cause of data breaches.