Insight: 90% of UK employees create vulnerabilities through poor cybersecurity practices
In its 2017 Secure Access Threat report, Bomgar says that when faced with security measures that seemingly hinder efficiency, workers will use shortcuts without considering the risks.
The results of the UK study reveal that 90% of employees polled admitted to having stayed logged on to systems, thereby preventing appropriate implementation of security policies such as the automatic rotation of passwords.
While 80% admitted to having sent files to personal email accounts, which expands the sprawl of sensitive information outside of the business network, 80% said they had logged on over unsecured WiFi networks from places such as cafés and coffee shops.
In addition, 78% revealed they had shared passwords with colleagues and 81% admitted to having written down passwords.
Despite all the above, it was found that 41% of security professionals completely trusted their employees with privileged access although they were aware that there were risks. While 42% were not primarily worried about breaches of malicious intent, 89% were concerned that a breach was possible due to employees unintentionally not following good practice procedures.
“Security solutions are vital, but they need to be usable,” said Matt Dircks, Bomgar chief executive. “Access to systems should be granted in seconds while still providing all of the checks and balances to mitigate threats. These findings are a wake-up call to IT teams that they shouldn’t slow things down in the name of security. Organisations need to employ tighter security policies and training programmes, but also implement security solutions that work with how users carry out their day-to-day jobs.”
The study also found that 66% of respondents thought that employees might still retain access to their corporate networks.
“It only takes one employee to leave an organisation vulnerable,” Dircks added. “With the continuation of high-profile data breaches, many of which are caused by compromised privileged access and credentials, it’s crucial that organisations control, manage, and monitor privileged access to their networks to mitigate the risk.”
Email this article to a friend
You need to be logged in to use this feature.
Please log in here