Employers must balance productivity and collaboration tools with security

Americans are more concerned about cybersecurity than ever before, according to Unisys. The survey found that concerns around internet security (including computer viruses and hacking) rose by 16% from 2020 to the highest level of U.S. internet security concerns in the 15 years that Unisys has been running the study.

Despite their heightened concerns over internet security, many Americans are bypassing company security processes and using unauthorized software for work, notably:

• 58% of U.S. workers have downloaded or installed software, apps or cloud storage programs not approved by their IT department.
• When asked why they chose to do so, 45% of respondents said that the software or apps they downloaded were better than the tools their company provided, while 43% said that their company did not provide a good alternative option.

“With the hybrid workforce here to stay, the survey shines a light on the need to balance productivity and collaboration tools with security, which do not have to be mutually exclusive,” said Leon Gilbert, SVP and GM, Digital Workplace Solutions, Unisys.

“It’s likely that many people don’t understand the security risks of what they’re doing when they go around their IT department, but it underscores how important it is for organizations to recognize how your employees feel, ensure quality communication and collaboration experiences and equip your workforce with appropriate tools that are adopted rather than bypassed.”

Lack of security awareness creates risks for collaboration

The survey found that most Americans are unaware of cybersecurity threats, including:

• 62% say they are not familiar with the threat of SMS phishing (also known as SMiShing), which is when a scammer texts asking for personal or financial information
• 76% report being unaware of SIM jacking, which is when a scammer gets your phone number transferred to a phone they control
• 51% of people surveyed say they are not wary of clicking on links in a text message, email or social media app, and
• 72% of respondents do not know where to report a scam should they be victimized.

The findings pose a stark warning for companies navigating remote and hybrid work environments, trying to balance productivity and security. A recent report found that the overall number of phishing attacks increased dramatically in Q2 2021, with a 281% spike in May and another 284% increase in June.

“With cyberattacks constantly in the headlines, the average consumer is experiencing a level of ‘data breach fatigue.’ However, this puts businesses at risk,” said Unisys Chief Security and Infrastructure Officer Mat Newfield.

“Without proper network defenses, one click from an employee working from home opens up other access points to the network, which typically is made up of more than one cloud environment. This could put your company’s IP, assets and data at risk, which is why leaders need to re-think how and where they focus their attention.

“Organizations need to embrace a holistic security strategy that provides greater visibility across IT and cloud environments so they can take action to address gaps and incidents, as well as look at tools that can encrypt data in motion, segment your network so that an intruder cannot move laterally across it and increase identity-based access and authentication measures,” said Newfield.