In the IT sector, they are called “ghost accounts”: e-mail accounts and access permissions for this or that application that remain attached to users who are no longer with the company. Having slipped through the cracks of the safety net, some are still open several years after the employee's departure, without the knowledge of the data protection specialists.
“It's a wonderful action vector for hackers,” says Jean-Benoît Nonque, Vice President for France, Southern Europe, Middle East and Africa at the IT company Ivanti.
Left unattended, these accounts, on which updates are no longer validated, are a prime gateway for cyberattacks. “This creates a vulnerability for the company,” confirms Frans Imbert-Vier, CEO of Ubcom, a company specializing in cybersecurity. “Used to impersonate an identity, they make it possible to have access to data and, most often, to steal it for purposes of economic intelligence.”
In other cases, the same data will be “paralyzed”, that is, rendered unreadable, and a ransom will be demanded for the key to restore it. All of these attacks can be deadly for businesses.
Although the phenomenon remains a minority one, it is not unusual to observe it. According to a study conducted by Ivanti, “More than half of IT [information technology] professionals know at least one person who always has access to applications and data from their former employer.”
Inflation of access rights granted
The security challenges surrounding employee departures have tended to grow in recent years, as the galaxy of actors interacting with the company has become more complex. Young employees change companies more often, and occasional collaborations with freelancers are increasing. This implies an inflation of the access rights granted… but also a multiplication of the procedures for withdrawing those same rights once the work for the company is finished. Enough to alarm information systems professionals.
“The first problem of this turnover today is the information leak,” explains Alain Bouillé, Vice-Chairman of the Information and Digital Security Experts Club (Cesin). While the confidentiality clauses in employment contracts may hinder certain practices, the obvious remains: “It is extremely easy for an employee on the way out to make massive copies on an external disk or to send them to a sharing site.” It is a practice whose consequences can, again, be considerable, especially if the employee goes to a competitor.