Almost all (99%) of the professionals surveyed admitted to conducting at least one potentially dangerous action, from sharing and storing login credentials to sending work documents to personal email accounts.
When it comes to storing and sharing data and saving login credentials, employees prioritize personal convenience over security protocols. By ignoring data security best practices, office workers are putting themselves and their employers at great risk. In fact, it’s often the employees that pose the biggest risk to data loss, including those in I.T. departments who you’d think would be more aware and vigilant.
Lost or stolen data can significantly impair an organization, and the impact is only getting worse as the frequency and sophistication of cyberattacks increase.
Jonathan Levine,CTO, Intermedia
While widespread ransomware attacks, hardware failure, and natural disasters are all serious threats to an organization, sometimes the biggest security threat comes from the inside. When employees do not properly back up files, choose to use the same password across multiple accounts, or send confidential materials to their personal accounts, their companies are left exposed and vulnerable not only to data loss, but to serious financial and legal implications as well.
(24%) of office workers reuse the same login credentials for their work and personal accounts
(42%) of office workers surveyed in Intermedia’s 2015 Insider Risk Report said that they had used their personal password for business applications
(96%) of office workers automatically save work passwords on their work computer, instead of routinely entering login credentials
(23%) of office workers admit they automatically save their work credentials to their home computer
use the same login credentials for work and personal accounts
MORE THAN HALF OF OFFICE WORKERS ADMIT TO STORING WORK FILES ON THEIR DESKTOP OR IN DESKTOP FOLDERS
1/3 SAY THEY STORE WORK DATA ON PERSONAL FILE SYNC AND SHARE SERVICES, A SIGNIFICANT INCREASE FROM THE 12% WHO REPORTED DOING THIS IN 2015
While employees may find these practices to be more convenient, they leave their organizations and networks more susceptible to cyberattacks. Considering that market researcher Cybersecurity Ventures predicts worldwide cybercrime damages will increase to $6 trillion annually by 2021, with risky employee behaviors helping to fuel that rise, it's clear that there is a great deal of education, as well as sweeping changes to habits, policies, and procedures, that must take place.
Jonathan Levine,CTO, Intermedia
Employees want to do the right thing, but sometimes don’t know how, or the tools they are given to do so are often hard or cumbersome to use. As our latest study shows, organizations need to recognize that getting employees to change their behavior won’t happen overnight. Instead, companies need to offer solutions that protect confidential information with minimal impact on an employee's daily workflow, such as automated backup and 2-factor password requirements. The most effective security measures are often ones that employees don’t even know are in place.
Just as, if not more, worrisome is the amount of proprietary data and intellectual property that employees are passing back and forth between their work and personal accounts.
While this is most common when an employee leaves a company, current employees also engage in this behavior, increasingly putting companies at risk and vulnerable to data loss.
of office workers email a work document to their personal email at least weekly, exposing confidential data to even more threats
...and they aren't just sharing emails or memos:
THESE MATERIALS INCLUDE:
Joshua Sharfman,Intermedia customer and Chief Technology and Innovation Officer at California Association of REALTORS®
The research indicates that the most vulnerable security breach vector within an organization is your employees. For example, they get lazy with passwords and reuse credentials. They’re not mindful of emails and aren’t vigilant when clicking on embedded links.
Having appropriate system policies in place is also key, and Intermedia’s technology helps us do that. I also recommend that companies block the payloads that they don’t want coming into the network because they could carry executable malware and create other ways of transporting that data. Also, it’s important to apply proper patches and updates in a timely manner. Data security is all part of the operational expense, and a critical one that is frequently overlooked
Beyond educating employees on potential risks that lead to data breaches, choose security solutions that protect confidential information with minimal impact on daily workflow. This includes real-time automated backup that enables quick file recovery, if needed, but doesn't require any action of employees. Not sure what to do next? Don't worry. Intermedia can help you identify a solution that's right for your business.
Intermedia offers a broad yet tightly integrated suite of cloud applications, including UCaaS, business email, file backup, sync & share, collaboration, identity and access management, security, and archiving – all delivered by a single provider with one point of control. Companies want security, scalability, and someone to manage the complexities of business I.T. for them, and that’s just what Intermedia delivers with enterprise-grade security, a 99.999% uptime service level agreement and J.D. Power-certified 24/7 support. For more information, visit Intermedia.net or connect with us on Twitter, Facebook or LinkedIn.
This study was commissioned by Intermedia and delivered by Precision Sample®, an independent market research organization. Precision Sample has an active proprietary panel of over 3.5M respondents that is routinely validated with a stringent screening process including Verity® and RelevantID by Imperium®. Results derived from an 11-minute online survey instrument with 45 total questions, fielded June 1-5, 2017. Setup questions were used to ensure that only U.S. knowledge workers were in the sample, which was defined as those who routinely work in an office environment. Overall margin of error of +/- 2.95% at a 95% confidence interval.
All trademarks, registered trademarks, service marks, trade names and product names appearing herein are the property of their respective owners.
