“Rage Deletion” is on the rise: Safeguarding data from intentional deletion

Employees are historically disengaged and dissatisfied.  At the same time, organizations’ operations and revenues increasingly rely heavily on digital assets. The combination is creating a mounting new risk:  intentional data destruction by employees. Research is showing it’s already happening. “Rage Deletion” is rearing its head, especially among younger workers. As a result, organizations must both address work culture and protect themselves from potential internal threats. The intersection of work satisfaction and data security has never been more potentially costly.

Addressing this challenge requires strict protocols and a company-wide culture of cybersecurity awareness. Protecting against Rage Deletion is no longer optional. Organizations must determine how to safeguard their data, mitigate insider threats, and foster a culture that prevents workplace sabotage. 

Understanding Rage Deletion 

Intentional data deletion can degrade or disable operations, result in loss of customer trust, and incur regulatory penalties. While there are many factors behind Rage Deletion, understanding the why will help companies determine how to safeguard against it. So, what are the main reasons behind this rage deletion? 

New data finds Rage Deleters are significantly less engaged at work and more frustrated than other employees. They feel increased pressure to show productivity and are concerned about their job security. The same report found that employees who have intentionally deleted data receive cybersecurity training less often and don’t feel like their employer invests in their development. Employees not looking forward to going to work are likely not interested in safeguarding important company assets. 

Disengaged and disgruntled employees are more likely to intentionally delete data, this action can cause significant damage to organizations. Employers should take a proactive approach to mitigate the risks of Rage Deletion, both from a technology and human standpoint.  As incidents continue to rise, a proactive approach is necessary to prevent employees from rage deleting.

Preventing rage deletion 

Once employers identify what’s triggering intentional data deletion from employees, it’s easier to mitigate it by adopting a mix of technology-driven and administrative solutions. Only 39% of companies have clear policies mandating that important and critical business data is backed up. While it’s hard to control what employees do, tailoring solutions to meet an organization’s needs is critical. 

For example, in 2018, Tesla fell victim to employee sabotage. A disgruntled employee altered product code and sent sensitive data to external parties. Luckily, Tesla had strong cybersecurity policies, but this event highlights the importance of securing access to data and implementing robust automated data backups to protect against internal threats. 

To mitigate insider risks, organizations must implement automated backups to ensure data recoverability if it is deleted or compromised. Additionally, organizations should have strong access controls in place to limit access based on role and business need especially related to sensitive data.   Incorporating  data deletion awareness in cybersecurity training can help educate employees and emphasize the operational, financial, and compliance impacts  as well as the legal consequences that come with it.  Lastly, whether employees give notice or are terminated, it’s important to promptly adjust access permissions to limit data from being intentionally deleted. 

Creating a culture of cybersecurity awareness 

The way employees feel might show up in how they use technology. For example, disengaged employees might be less careful with data or purposely deleting sensitive data because they’re dissatisfied with their role. While there might be several layers to addressing this challenge, strict protocols and a culture of cybersecurity awareness are necessary. 

Creating a culture of cybersecurity awareness starts at the top. Leadership must reiterate and demonstrate the importance of secure behaviors. Employees should receive continuous training and education about the risks associated with internal and external cybersecurity threats at the time of hire and at least annually thereafter. This will help instill a culture of security and create awareness of threats. It’s crucial to emphasize a shared responsibility in protecting organizational assets. Combining technology, policies, controls, and culture encourages employees to act as responsible stewards of data and reduces the likelihood and impact  of malicious  activity. 

Intentional deletion of data has become a serious threat to organizations, but it’s manageable with the right technology, policies, and initiatives. Companies that understand employee motivations, control access, and implement automatic backups can better  protect their most critical asset: data. The rise in rage deletion highlights the importance of cybersecurity protocols extending beyond outsiders.