The cloud service provider Intermedia has released its 2015 Insider Risk Report, which exposes the online security habits of more than 2,000 office workers in the United States and UK.
Even as businesses and the US federal government have made cybersecurity a priority, Intermedia’s survey found that most – 93pc – of office workers engage in some form of unsafe online habits that could jeopardise their employer or their customers. The very people who have the greatest access to company data and are tasked with keeping the company secure, IT personnel, are much more likely to engage in risky behaviors than the average employee:
32 per cent of IT professionals have given out their login / password credentials to other employees (compared to 19pc across all respondents)
28pc of IT pros said they have accessed systems belonging to previous employers after they left the job (compared to only 13pc among all respondents)
31pc of IT pros said they would take data from their company if it would positively benefit them – nearly three times the rate of general business professionals
These kinds of practices create risks that include lost data, regulatory compliance failures, data breaches, eDiscovery complications, ex-employee access, and even out-and-out sabotage by a disgruntled current or former employee, the report authors suggest.
The report includes data across a range of industries, such as healthcare, finance and legal services, as well as across job functions. And it examines security habits across age group, company size and job tenure. Within these categories, a few of the additional insights highlighted include:
Millennials are most likely to breach the personal and professional computing divide by installing apps without company approval, saving company files to personal cloud storage, or engaging in other risky “Shadow IT” practices . And by employment duration, long-term employees (7+ years) tend to introduce greater overall security risks.
