Lending a coworker your computer or password leaves you vulnerable to a breach.
Only about a third of American workers with special credentials to office networks would deny access to a coworker. It might sound mean, but it’s the safe thing to do.
Data protection company Spanning Cloud Apps’ new research shows we’re not very safe online, and it could mean anything from data breaches to identity theft…
- More than half (55 percent) of workers say they follow links they don’t recognize.
- 45 percent say they’d allow a colleague to use their work computer, preferring to be “nice” than safe.
- And more than a third (34 percent) fail to identify an insecure shopping site.
Some of the findings slant positively…
- Nearly three quarters are suspicious of strange URLs from familiar sites, like Facebook and The New York Times
- And 87 percent of people are cautious around unfamiliar URLs from an unfamiliar site, like bit.ly.
“These results show that there is still a concerning gap between what users say they understand and how they actually behave,” says Spanning Cloud App VP Mat Hamlin. “Organizations need to improve security awareness and training while still preparing for the worst.”
We took a look at similar studies to find employees are a major source of online threats to themselves — and it’s mostly because they don’t know any better.
Bosses do foolish things with cybersecurity
For example, conferencing tech company 247meeting surveyed 2,000 workers and found “worrying lapses in workplace security, with senior management often being the biggest culprits.”
- A quarter of senior managers (25 percent) said they’d “experienced a stranger on a conference call.”
- More than a third of employees don’t know where to find the company’s security policies.
- And almost half of employees (46 percent) say they’ve used communication tech tools at work that had no password protection.
We’re all vulnerable
247meeting’s biggest finding: Another quarter of workers (25 percent) say they’d experienced either a data breach, a cyber-attack, or both.
The top field in which people experienced either of the two or both combined was information research and analysis: 73 percent of respondents checked those boxes off.
The rest of the top five are—how should we put it—concerning:
- Law enforcement and security: 66 percent
- Environment and agriculture: 55 percent
- Leisure, sport, and tourism: 48 percent
- Business, consulting and management: 38 percent
Most of us are guilty
Communications research company Finn Partners Research surveyed 500 office workers on cybersecurity and found even more damning—but no longer surprising—behaviors.
- More than half of employees (55 percent) use personal devices for work, “which directly impacts increased vulnerability to hackers, malware and data breaches.”
- And only 26 percent said they changed login credentials “at least once a month.”
Finn Partners also found only a quarter of employees getting cybersecurity training on a monthly basis. That’s apparently not enough.
“The behavior patterns to elicit security breaches remain,” says Jodi Brooks, a Finn Partners managing partner. “The opportunity to invest and increase the cadence of security vulnerability training in our organizations is vital. It is no longer sufficient for organizations to roll out annual security trainings on the latest vulnerabilities.”
Here are three broad steps Finn Partners recommends organizations follow:
- Consistently address cybersecurity concerns across the company
- Encourage employees to prioritize cybersecurity
- Share tips and strategies
While these look like common sense, many companies aren’t following them. For example, a study last year from risk management company Aon found More companies are facing cyber attacks and online security breaches than ever before but, as Debt.com reported, they “don’t have the ability to fend off those attacks”.
Whatever your company’s policies or actions are, you don’t have to wait for it to do the job. Learn more about how to protect yourself from identity theft before it happens.
Meet the Author
Article last modified on December 11, 2018 Published by Debt.com, LLC . Mobile users may also access the AMP Version: Being Polite Puts Your Data at Risk - AMP.