99% of Office Workers Commit Actions that Dramatically
Increase the Likelihood of a Workplace Data Breach
In the third and final part of our 2017 Data Vulnerability Report, we analyze the impact and outcome of 1,000+ full-time
office workers’ habits relative to data loss, how it's happening, and what can be done to mitigate the risk
SHARE THIS REPORT
Office workers often ignore data security best practices, putting
themselves and their employers at great risk
Almost all (99%) of the professionals surveyed admitted to conducting at least one
potentially dangerous action, from sharing and storing login credentials to sending
work documents to personal email accounts.
When it comes to storing and sharing data and saving login credentials,
employees prioritize personal convenience over security protocols. By ignoring
data security best practices, office workers are putting themselves and their
employers at great risk. In fact, it’s often the employees that pose the biggest risk
to data loss, including those in I.T. departments who you’d think would be more
aware and vigilant.
Lost or stolen data can significantly
impair an organization, and the impact is
only getting worse as the frequency and
sophistication of cyberattacks increase.
IN 2017, THE AVERAGE SIZE OF DATA BREACHES GREW TO INCLUDE MORE THAN 24.000 RECORDS.
While employees may worry, convenience is still king
Despite nearly one quarter (23%) of employees worrying that someone outside of their company could hack or access files due to an email breach, they continue to ignore best practices opting instead for more convenient, and therefore more detrimental, practices.
Jonathan Levine,CTO, Intermedia
While widespread ransomware attacks, hardware failure, and natural disasters are all serious
threats to an organization, sometimes the biggest security threat comes from the inside. When
employees do not properly back up files, choose to use the same password across multiple
accounts, or send confidential materials to their personal accounts, their companies are left
exposed and vulnerable not only to data loss, but to serious financial and legal implications as well.
WHEN IT COMES TO STORING/SHARING DATA, AND SAVING LOGIN CREDENTIALS:
ROUGHLY 1 in 4
(24%) of office workers reuse the same login credentials for their work and personal accounts
(96%) of office workers automatically save work passwords
on their work computer, instead of routinely entering login
ALMOST 1 in 4
(23%) of office workers admit they automatically save their
work credentials to their home computer
use the same login credentials for work and personal accounts
MORE THAN HALF OF OFFICE WORKERS ADMIT TO STORING WORK FILES ON THEIR DESKTOP OR IN DESKTOP FOLDERS
1/3 SAY THEY STORE WORK DATA ON PERSONAL FILE SYNC AND SHARE SERVICES, A SIGNIFICANT INCREASE FROM THE 12% WHO REPORTED DOING THIS IN 2015
While employees may find these practices to be more convenient, they leave their organizations and networks more susceptible to cyberattacks. Considering that market researcher Cybersecurity Ventures predicts worldwide cybercrime damages will increase to $6 trillion annually by 2021, with risky employee behaviors helping to fuel that rise, it's clear that there is a great deal of education, as well as sweeping changes to habits, policies, and procedures, that must take place.
Jonathan Levine,CTO, Intermedia
Employees want to do the right thing, but sometimes don’t know how, or the tools they are given to
do so are often hard or cumbersome to use. As our latest study shows, organizations need to
recognize that getting employees to change their behavior won’t happen overnight. Instead,
companies need to offer solutions that protect confidential information with minimal impact on an
employee's daily workflow, such as automated backup and 2-factor password requirements. The
most effective security measures are often ones that employees don’t even know are in place.
Employees increasingly share confidential company documents via insecure ways
Just as, if not more, worrisome is the amount of proprietary data and intellectual property that employees are passing back and forth between their work and personal accounts.
While this is most common when an employee leaves a company, current employees also engage in this behavior, increasingly putting companies at risk and vulnerable to data loss.
ACCESSING MATERIALS AFTER LEAVING A COMPANY IS ON THE RISE, ESPECIALLY IN I.T.
EMPLOYEES PASS SECURE DATA BACK AND FORTH AT LEAST ONCE A WEEK USING UNSAFE METHODS:
of office workers email a work document to their personal email at least weekly, exposing confidential data to even more threats
...and they aren't just sharing emails or memos:
THESE MATERIALS INCLUDE:
How can you mitigate the risk your employees pose?
Joshua Sharfman,Intermedia customer and Chief Technology and Innovation Officer at California Association of REALTORS®
The research indicates that the most vulnerable security breach vector within an organization is your employees. For example, they get lazy with passwords and reuse credentials. They’re not mindful of emails and aren’t vigilant when clicking on embedded links.
Having appropriate system policies in place is also key, and Intermedia’s technology helps us do
that. I also recommend that companies block the payloads that they don’t want coming into the
network because they could carry executable malware and create other ways of transporting that
data. Also, it’s important to apply proper patches and updates in a timely manner. Data security is
all part of the operational expense, and a critical one that is frequently overlooked
Beyond educating employees on potential risks that lead to data breaches, choose security
solutions that protect confidential information with minimal impact on daily workflow. This
includes real-time automated backup that enables quick file recovery, if needed, but doesn't
require any action of employees. Not sure what to do next? Don't worry. Intermedia can help
you identify a solution that's right for your business.
Check out these other resources for further information on how to
educate your workforce and your customers
Check out our
Lose Another File
Intermedia offers a broad yet tightly integrated suite of cloud applications, including UCaaS, business email, file backup, sync & share,
collaboration, identity and access management, security, and archiving – all delivered by a single provider with one point of control.
Companies want security, scalability, and someone to manage the complexities of business I.T. for them, and that’s just what Intermedia
delivers with enterprise-grade security, a 99.999% uptime service level agreement and J.D. Power-certified 24/7 support. For more
information, visit Intermedia.net or connect with us on Twitter, Facebook or LinkedIn.
This study was commissioned by Intermedia and delivered by Precision Sample®, an independent market research organization. Precision
Sample has an active proprietary panel of over 3.5M respondents that is routinely validated with a stringent screening process including
Verity® and RelevantID by Imperium®. Results derived from an 11-minute online survey instrument with 45 total questions, fielded June
1-5, 2017. Setup questions were used to ensure that only U.S. knowledge workers were in the sample, which was defined as those who
routinely work in an office environment. Overall margin of error of +/- 2.95% at a 95% confidence interval.
All trademarks, registered trademarks, service marks, trade names and product names appearing herein are the property of their respective owners.