AppID, Email Archiving, Exchange Email, News and announcements, SecuriSync, Security, Security and Compliance
Tech journalists discuss our 2015 Insider Risk Report
Recently, we published a report about the threats posed to your business by risky employee security practices. If you haven’t already, give our “2015 Insider Risk Report” a read. It’s pretty shocking.
And we aren’t the only ones who think so. Several technology journalists reviewed our report and are weighing in on the subject:
SC Magazine Senior Reporter Jeremy Seth Davis met with Ryan Barrett, VP of Security and Privacy at Intermedia, to discuss our report findings. In particular, the fact that our data reveals that Millennial IT workers who have been at the company awhile pose the greatest risk to the business:
“…professionals who have been around for the longest period of time are less nervous about making mistakes that would endanger the security of the organization. “They have more social capital at that stage,” Barrett said. “Mistakes are less tolerable when an IT professional is new at the company.”
Davis dug deeper into our compiled data and shares that: “Intermedia’s 2015 Insider Risk Report found 37 percent of employees who have worked at their company for at least seven years admit to using hard copies to store their passwords.”
But there are ways to combat this and the other risky behaviors we reveal in our report. One key way is through better and more frequent security training. But as Barrett points out to Davis in the SC Magazine article, you can’t just sit everyone down in a classroom and lecture at them. Millennials “don’t want to be trained in the same boring way.” You’ve got to get them interested and engaged.
Read the full SC Magazine article to learn how Barrett keeps security training engaging for us here at Intermedia.
Mike Wheatley at SiliconANGLE honed in on our findings that IT staff are the employees that present the riskiest behavior.
Wheatley recognizes that nefarious behavior on the part of IT workers (accessing systems of former employers or stealing data from current employers before leaving a job) can pose a huge risk for employers. After all, these are employees who “have the greatest access to a company’s data and the ones charged with keeping it secure”.
Taking a step back, Wheatley cites our report in pointing out that the larger issue of sloppy security practices among all employees puts enterprises at risk:
“Intermedia also provides another statistic that really hammers home just how careless most staff are towards IT security – a stunning 93 percent of respondents admit to insecure IT practices. These sloppy habits result in a myriad of security issues for enterprises, including regulatory compliance failures, data loss, data breaches and in some extreme cases, purposeful sabotage carried out by disgruntled employees.”
Jeff Goldman at eSecurity Planet also reviewed our report. Goldman focuses on the surprising data around tenured employee behavior versus that of new employees:
“Surprisingly, the survey also found that long-term employees (seven years or longer) tend to introduce greater security risks overall — 23 percent of long-term employees have shared login credentials with coworkers, compared to 9 percent of new employees. And 23 percent of long-term employees have deployed free or paid Web apps without consulting IT, compared to 13 percent of new employees.”
He cites Jonathan Levine, our CTO, who recommends that companies deploy tools that are so easy to use that employees aren’t tempted to use unsanctioned apps at work:
“Security policies are most effective when employees don’t even have to think about them,” Intermedia CTO Jonathan Levine said in a statement. “That’s why it’s so important to provide tools that make it easier to follow the rules, like single sign-on portals or enterprise-class file sharing.”
Check out the full 2015 Insider Risk Report
Get a deeper look at this and other data by reading our full 2015 Insider Risk Report. You’ll also find best practices for combatting risky employee behavior, including recommendations for regulated businesses and a handy off-boarding checklist for use when employees leave.