Corporate Layoffs Put Company IP at Risk
With corporate layoffs and government workforce reductions frequently making headlines, leaders often underestimate the potential for massive data loss and intellectual property liability. While immediate impacts are widely discussed, the less visible danger lies in the scattering and potential disappearance of critical organizational data. Employees frequently save work-related information on personal devices or cloud services without consistent backup capabilities. Fear and frustration surrounding layoffs can also lead to deliberately deleting key files. These factors, along with inconsistent backup protocols and unclear data protection responsibilities, create the perfect storm for intellectual property loss. Addressing these vulnerabilities is essential to mitigate the hidden data loss risks tied to workforce reductions.
Don’t Layoff the Data
The risk of data loss during layoffs is significantly amplified by the pervasive habit of employees storing work-related information across numerous platforms. According to CrashPlan’s recent Work Trend Security Report, 69% of workers save work data directly on their devices rather than in folders on dedicated enterprise file servers, creating a substantial amount of potentially unprotected information residing outside of company-managed systems. Another 52% rely on SaaS platforms like OneDrive, Google Drive or Dropbox for storing work files, often without consistent or centralized backup oversight. A full 39% save work data within SaaS apps and platforms like Google Docs, M365 and Salesforce, while 21% save work data within collaboration platforms. When layoffs hit, most organizations are not prepared to gather all the data their employees have created or distributed across these systems.
Beyond unintentional loss, there is also an alarming trend surrounding deliberate data deletion, or “rage deletion.” One in six workers has witnessed a co-worker intentionally delete important files before leaving their employment, and that figure escalates to one in five among those who are worried about their own job security. As companies in every industry become more reliant on data to deliver their products, services and market differentiators, there is a more profound impact when disgruntled employees leave their organizations without critical data. The combination of data sprawl across platforms and the risk of rage deletion creates a significant challenge for organizations facing workforce reductions.
Backup Barriers Raise Risks After Layoffs
The risks of data sprawl and deletion are compounded by poor data backup practices. Many employees fail to back up files stored on their endpoint devices or in critical cloud applications. This is where many organizational strategies fall short as well. Only 30% of workers report that their company makes it “super easy” to back up data, while 17% find it difficult. When backup feels like a chore or is disruptive to productivity, it often gets skipped.
This becomes especially dangerous during layoffs. Departing employees may leave behind unprotected files, and poorly managed cloud data increases exposure. A SANS study found that 80% of companies store sensitive data on endpoints like laptops and desktops, including personal, financial and intellectual property, creating significant liability if that data is lost or leaked.
A further complication is the lack of clear responsibility for data protection. Many employees assume someone else is in charge. About 25% believe it’s the responsibility of Google or Microsoft to safeguard data on their platforms, and 38% assume their employer is solely responsible. This misunderstanding of responsibility fosters an environment where critical data can slip through the cracks, especially during employee transitions.
What CIOs and CISOs Can Do
Technology and security leaders must proactively address these risks. It starts with understanding where critical data lives and identifying gaps in backup tools and recovery processes. Leaders must evaluate how easy it is for employees to protect their data and whether current solutions meet their needs and can scale across the enterprise.
Equally important is collaboration across departments, communication and including relevant resilience content in periodic security training. Providing clear instructions on which backup tools to use, along with streamlined processes, empowers employees to protect their work.
Engaging with the People team or Human Resources can also add value in understanding overall employee morale and corporate culture, adding context for potential risks. For example, gaining insight into overall employee satisfaction survey results for the broader organization can be an input into quantifying rage deletion or other insider risk. Establishing employee off-boarding processes that include secure hardware retrieval and access de-provisioning for departing employees is essential for maintaining a strong security posture.
Creating a Culture of Cybersecurity Awareness
To reduce the risk of data loss during layoffs, organizations must foster a culture of cybersecurity awareness. Employee sentiment significantly impacts behavior. Disengaged workers are more likely to delete data maliciously. CrashPlan’s research shows that such employees often receive less cybersecurity training and feel undervalued by their employer.
Cultivating a security-conscious culture starts with leadership. Executives should model and communicate the importance of data protection and security. Ongoing training must be prioritized, not just at onboarding, but on a regular basis. Employees need to understand the risks of both internal and external threats that are relevant to the organization, and that data protection and security are everyone’s responsibility.
When combined with clear policies, strong technological safeguards and automated backups, a culture of security awareness can empower employees to act responsibly and reduce the chance of data loss. Addressing employee motivations, managing access, and implementing smart backup strategies are key to protecting vital information in a climate where insider risks are increasingly prevalent.
Conclusion
In all, the risks to corporate intellectual property during layoffs can be significant and multifaceted, ranging from unintentional loss to deliberate deletion. Without strong backup practices, clear accountability and a culture of cybersecurity awareness, organizations remain vulnerable during times of transition. By investing in user-friendly automated backup tools, cross-department collaboration and consistent employee training, companies can safeguard their data, assets and minimize operational disruptions. As companies consider workforce changes, protecting intellectual property must be an intentional, organization-wide priority.
