Home / Technology / UK Firms Bleeding Data: Ex-Staff Accounts Unmanaged
UK Firms Bleeding Data: Ex-Staff Accounts Unmanaged
16 Mar
Summary
- 77% of UK firms don't deactivate departing employees' accounts.
- Credential abuse incidents surged 160% year-on-year.
- Manual processes and spreadsheets still manage 28% of accounts.
UK businesses are facing severe identity security risks due to inadequate management of digital accounts, according to a new SailPoint report. The survey of 333 IT decision-makers found that 77% of organizations do not promptly deactivate accounts when employees leave, leaving them open to misuse by former staff or cybercriminals.
This lack of control is exacerbated by a dynamic workforce, with 21% of UK employees changing jobs last year. The situation is compounded by the increasing complexity of managing user access, including contractors, partners, and a growing number of AI agents, with some onboarding up to 10,000 machine identities monthly.
Furthermore, outdated security practices persist, with 28% of firms still relying on spreadsheets and paperwork for account validation. A fifth of AI agents are also managed manually, highlighting a critical need for modernization in identity and access management to mitigate escalating cyber threats.
