The survey, carried out by Forrester Consulting for email security company Proofpoint, found that another seven percent of firms terminated an employee's contract for violating blog or message board policies in the past year.
More than 70 percent of companies have disciplined an employee for violating email policies in the past year, the study of 406 companies in the U.S. and the U.K. with more than 1,000 employees found.
The study found that 38 percent of companies with 1,000 or more employees hire staff to read or analyse outbound email. Forty percent of larger companies (those with more than 20,000 employees) employ staff for this purpose. Companies appear to have good reason to worry – more than half (51 percent) investigated a suspected email leak of confidential or proprietary information and nearly two in five (39 percent) investigated a suspected violation of privacy or data protection regulations in the past year.
“Inadvertent leakage of confidential information costs U.K. public limited companies (PLC) millions in reputation damage every year. Companies should wake up to this fact that IT security is not just about protection from external attacks but also from internal vulnerabilities," said Mark Hughes, managing director, Proofpoint. "U.K. PLC needs to protect itself from malicious and accidental leakage of inappropriate, confidential and financially sensitive information. These internal vulnerabilities may not deliberate but due to poorly defined processes or inadequately trained staff."
A recent study by online polling firm YouGov, commissioned by Microsoft, found that more than a third of U.K. respondents said that human resources and payroll information were the most popular targets of illegal access by company insiders. Six percent also said they would steal a coworker’s password if the opportunity arose.
The survey also found that men are more dishonest than their female colleagues, with 27 percent of men, compared to 16 percent of women, admitting to having stolen personal information.