Security habit data reveals riskiest business users
While 93% of office workers admit to insecure IT practices, Intermedia’s 2015 Insider Risk Report finds that tech-savvy users are actually the worst offenders
Even as businesses and the federal government have made cybersecurity a high priority, Intermedia’s survey found that 93% of office workers engage in some form of unsafe online habits that could jeopardise their employer or their customers.
The most tech-savvy employees are most likely to create risk
More surprising, the very people who have the greatest access to company data and are tasked with keeping the company secure—IT personnel—are much more likely to engage in risky behaviors than the average employee:
• 32% of IT professionals have given out their login / password credentials to other employees (compared to 19% across all respondents)
• 28% of IT pros said they have accessed systems belonging to previous employers after they left the job (compared to only 13% among all respondents)
• 31% of IT pros said they would take data from their company if it would positively benefit them – nearly three times the rate of general business professionals
These kinds of practices create risks that include lost data, regulatory compliance failures, data breaches, eDiscovery complications, ex-employee access, and even out-and-out sabotage by a disgruntled current or former employee.
Scope of report findings beyond IT pros
Intermedia’s report also includes data across a range of industries, such as healthcare, finance and legal services, as well as across job functions. Additionally, it examines security habits across age group, company size and job tenure.
Within these categories, a few of the additional insights highlighted within the full report include:
• Millennials are most likely to breach the personal and professional computing divide by installing apps without company approval, saving company files to personal cloud storage, or engaging in other risky “Shadow IT” practices
• By employment duration, long-term employees (7+ years) tend to introduce greater overall security risks
Intermedia’s report offers businesses a better understanding of the scope of the insider threat problem. 97% of respondents have access to sensitive or confidential company information, which means it’s imperative for companies to offer IT tools that make it simple for users to adhere to company security policies.