Story image

Employees worry about security but don't do anything about it, survey finds

23 Mar 16

There is a significant disconnect between an employees’ growing concern over the security of their personal information and their attitudes toward data security practices in the workplace, according to SailPoint’s annual Market Pulse Survey.

The global survey, which was commissioned by SailPoint and conducted by independent research firm Vanson Bourne, looks at how employees view their individual role in IT security processes, and what (if any) improvements are being made by organisations to adapt to the new business realities.

The survey found that 85% of employees would react negatively if their personal information was breached by a company. Yet these same employees are exposing their employers to the same data breaches through negligence and poor password hygiene, the survey found.

Additionally, it highlights an ongoing challenge for IT and security professionals: 26% of employees admitted to uploading sensitive information to cloud apps with the specific intent to share that data outside the company.

Key findings from SailPoint’s 2016 Market Pulse Survey include:

Poor password hygiene continues to plague enterprises. The majority of respondents (65%) admitted to using a single password among applications, and one-third share passwords with their co-workers.

Employees don’t assume responsibility for protecting the integrity of corporate security processes. One in five employees would sell their passwords to an outsider. Of those who would sell their passwords, 44% would do so for less than $1,000. This is up from one in seven who would sell a password a year ago, according to the report.

Organisations are struggling to keep up. One in three employees admitted to purchasing a SaaS application without IT’s knowledge (a 55% increase from last year’s report). Alarmingly, more than 40% of respondents reported having access to a variety of corporate accounts after leaving their last job.

Kevin Cunningham, SailPoint president and founder, says, “This year’s Market Pulse Survey shines a light on the significant disconnect between how employees view their personal information and that of their employer, which could also include personal information of customers.

“Today’s identity governance solutions can alleviate the challenge of remembering several passwords and automate IT controls and security policies, but it’s imperative that employees understand the implications of how they adhere to those policies. It only takes one entry point out of hundreds of millions in a single enterprise for a hacker to gain access and cause a lot of damage.”

AlgoSec delivers native security management for Azure Firewall
AlgoSec’s new solution will allow a central management capability for Azure Firewall, Microsoft's new cloud-native firewall-as-a-service.
Kiwis losing $24.7mil to scam calls every year
The losses are almost five times higher compared to the same period last year, from reported losses alone.
How to configure your firewall for maximum effectiveness
ManageEngine offers some firewall best practices that can help security admins handle the conundrum of speed vs security.
Exclusive: Why Australian enterprises are prime targets for malware attacks
"Only 14% of Australian organisations are continuously training employees to spot cyber attacks."
Exclusive: Why botnets will swarm IoT devices
“What if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems?”
"Is this for real?" The reality of fraud against New Zealanders
Is this for real? More often than not these days it can be hard to tell, and it’s okay to be a bit suspicious, especially when it comes to fraud.
Why you should leverage a next-gen firewall platform
Through full lifecycle-based threat detection and prevention, organisations are able to manage the entire threat lifecycle without adding additional solutions.
The quid pro quo in the IoT age
Consumer consciousness around data privacy, security and stewardship has increased tenfold in recent years, forcing businesses to make customer privacy a business imperative.