22% of employees admit to breaching company rules with GenAI
Disruptive technologies like AI are heightening the longstanding tension between organizational security and employee productivity, according to 1Password.
Employees are under increasing pressure to perform; to boost efficiency they’re embracing generative AI, hybrid and remote work, and unapproved applications and devices. IT and security teams are having difficulty keeping up, even as their organizations face new urgency in a landscape constantly remade by mounting cyberthreats and disruptive technologies.
“Since the pandemic, employees have gained unprecedented flexibility in where and how they work, and that flexibility often extends to the apps and devices they use. Productivity has become paramount, leaving significant security challenges for IT and security leaders—who often feel like they don’t have bandwidth or budget to keep employees secure,” said Jeff Shiner, CEO of 1Password.
“When it comes to security and productivity, it shouldn’t be either-or. Businesses and security providers alike need to deliver solutions that keep employees protected and productive—no matter how they prefer to work. When you secure your people, you secure your business,” added Shiner.
Tech expansion presents challenge for security teams
While IT and security teams work to expand employee access to new tools and technologies like generative AI, the challenge of keeping up with the speed of technology and safeguarding their organizations has dramatically increased.
50% of security pros say it’s almost impossible to find the right balance between security and employee productivity. 69% admit they’re at least partly reactive when it comes to security. The main reason? They’re being pulled in too many conflicting directions (61%).
79% don’t feel their security protections are adequate, and 69% say single sign-on (SSO) tools are not a complete solution for securing employees’ identity.
Well-intentioned employees gravitate toward tools, technologies, devices, and habits to increase productivity and support how they want to work, but they often don’t consider or understand the impact on security.
Shadow IT and the need to be productive
34% of employees use unapproved apps and tools, otherwise known as shadow IT. On average, these workers use a total of five shadow IT apps or tools—each representing a potential new threat vector.
17% admit to never working on their work-provided devices, opting solely for personal or public computers. 54% admit to being lax about their company’s security policies. Reasons include a desire to get things done quickly and be productive (24%) and the belief that security policies are inconvenient (11%) or too stringent or unreasonable (11%).
44% say security would be less of an issue if tools were easier to use and policies were easier to follow. But fewer than one in 10 security pros (9%) say that employee convenience is their top consideration when selecting security software.
The rise of generative AI
The rise of generative AI has accelerated the tug-of-war between security and employee productivity. Security teams are worried about generative AI’s potential to expand the surface area for attacks, while employees are enticed by its potential to boost efficiency and output.
92% of security pros have security concerns around generative AI, with specific apprehensions including employees entering sensitive company data into an AI tool (48%), using AI systems trained with incorrect or malicious data (44%), and falling for AI-enhanced phishing attempts (42%).
57% say that using generative AI tools at work saves them time and makes them more productive. And a relatively small, but significant, group of employees (22%) admit to knowingly violating company rules on the use of generative AI.