Half of Workers Confess to ‘Cutting Corners’ on Cyber Security During Covid-19 Remote Working
Some 48 per cent of office workers have admitted they are less likely to follow safe data practices when working from home, according to new research from Tessian, the Human Layer Security company. The State of Data Loss Prevention report reveals findings from a global survey of 2,000 office workers and 250 IT decision-makers in the UK and the US.
The research shows that 52 per cent of office workers feel they can get away with riskier behaviour when working from home, such as sharing confidential files via email and using personal devices to conduct company business.
The top reasons for not following safe data practices included not working on their usual devices (50 per cent), not being watched by IT (48 per cent), and being distracted (47 per cent).
Additionally, over half (51 per cent) of office workers say they feel their company’s security policies impede their productivity. A further 54 per cent of staffers admitted to finding a workaround for security policies that stop them from getting their jobs done; suggesting employees place efficiency and ease-of-access above the safety and protection of data. When asked about security practices, 58 per cent of office workers said information is less secure when working from home but, at the same time, 78 per cent of office workers said their company ‘completely’ or ‘somewhat’ trusts them to stay secure when working remotely.
In addition to this, the survey reveals 84 per cent of global IT leaders indicated data loss prevention is more challenging when a workforce is working remotely. Data loss over email is particularly challenging for IT leaders to control, due to a lack of visibility of the threat. Tessian found that:
- IT leaders in organisations with over 1,000 employees estimate that just 720 emails are sent to unauthorised accounts a year. The reality, according to Tessian’s own data, is at least 27,500 unauthorised emails are sent a year — 38x more than IT leaders estimate.
- They also estimate that 480 emails are sent to the wrong person every year. Yet, Tessian data reveals that employees send at least 800 misdirected emails per year —1.6x more than IT leaders estimate.
Tim Sadler, CEO, Tessian comments:
“The Covid-19 crisis has triggered a tidal wave of challenges for businesses. Whilst they adapted fast to the abrupt shift towards remote working, the challenge businesses now face is keeping data secure from risky employee behaviour as working from home becomes the norm.
“Our research shows that people will cut corners on security best practices when working remotely and find workarounds if security policies disrupt their productivity in these new working conditions. But, all it takes is one misdirected email, incorrectly stored data file, or weak password, before a business faces a severe data breach that results in the wrath of regulations and financial turmoil. During this time, protecting people has to be all businesses’ top priority. IT decision makers, therefore, must establish clear guidelines on security best practices, enabling all staff to work efficiently and safely when away from the office.”