Employees aren’t taking the proper steps to keep their organizations’ information safe while traveling.
ObserveIT surveyed more than 1,000 U.S. employees ages 18 – 65+ who have traveled with corporate devices in the past year and found that the majority are putting connectivity and efficiency above security; using public Wi-Fi and unauthorized devices to access work email and/or files on the go.
While they may not have malicious intent, the negligent actions of employees caused 64 percent of all insider threat incidents in the past 12 months (Ponemon Institute). And, though breaches caused by accidental insiders can happen at any time, there’s heightened risk when employees are outside the office, using public workspaces or personal devices to remain connected.
The survey confirms that employees are, in fact, jeopardizing corporate information while they’re traveling, and employers aren’t doing enough to mitigate these risks.
Connectivity is valued more than security
More than three fourths (77 percent) of respondents say they connect to free or public Wi-Fi while traveling. Further, with 63 percent of people saying they’re using public Wi-Fi to access work emails and files, they’re presenting an easy opportunity for cybercriminals to infiltrate and exploit sensitive data.
Organization-wide guidelines are unclear
Organizations aren’t doing enough to educate employees about cybersecurity best practices. Almost half of those surveyed (49 percent) said they’re either unaware of any organization-wide travel-related cybersecurity guidelines, or, their company doesn’t have any. This can result in employees engaging in risky behavior – for example, only 17 percent of respondents said they always use a VPN to connect securely outside the office.
Holiday travel poses additional risk to organizational security
The survey also found that 55 percent of people plan to bring a work device along with them while traveling this holiday season. As the data indicates, people value convenience over security, so creating cybersecurity awareness around year-end travel will be critical to ensuring sensitive data isn’t leaked unintentionally.
“Not only does this research confirm that cybersecurity isn’t top of mind while employees are traveling, but it also highlights a major gap in security awareness training around mitigating the threats posed by remote work,” said ObserveIT CEO Mike McKee. “While technology has enabled people to be productive regardless of location, it’s also creating new ways for hackers to infiltrate otherwise secure systems. Organizations can’t just focus on what’s happening within their four walls. Rather, they need to take a holistic approach that puts security first, wherever work is getting done.”