Even as businesses and the federal government have made cybersecurity a high priority, 93% of office workers engage in some form of unsafe online habits that could jeopardise their employer or their customers, according to Intermedia.
More surprising, the very people who have the greatest access to company data and are tasked with keeping the company secure—IT personnel—are much more likely to engage in risky behaviors than the average employee:
- 32% of IT professionals have given out their login / password credentials to other employees (compared to 19% across all respondents)
- 28% of IT pros said they have accessed systems belonging to previous employers after they left the job (compared to only 13% among all respondents)
- 31% of IT pros said they would take data from their company if it would positively benefit them – nearly three times the rate of general business professionals.
These kinds of practices create risks that include lost data, regulatory compliance failures, data breaches, eDiscovery complications, ex-employee access, and even out-and-out sabotage by a disgruntled current or former employee.
Additional insights include:
- Millennials are most likely to breach the personal and professional computing divide by installing apps without company approval, saving company files to personal cloud storage, or engaging in other risky “Shadow IT” practices
- By employment duration, long-term employees (7+ years) tend to introduce greater overall security risks.
“Security policies are most effective when employees don’t even have to think about them. That’s why it’s so important to provide tools that make it easier to follow the rules, like single sign-on portals or enterprise-class file sharing. The simpler it is for employees to be productive using company sanctioned tools, the more likely you are to deter the kinds of practices that put the company at risk,” said Jonathan Levine, CTO at Intermedia.