Today’s workforce is caught between two imperatives: Be productive and efficient on the job and maintain the security of company data.
The results of an end-user security survey by Dell indicate among the professionals that work with confidential information on a regular basis, there is a lack of understanding in the workplace regarding how confidential data should end up shared and data security policies.
This lack of clarity and confusion is not without merit; there are many circumstances under which it makes sense to share confidential information in order to push business initiatives forward.
Three in four employees say they would share sensitive, confidential or regulated company information under certain circumstances for a wide range of reasons including:
• Being directed to do so by management (43 percent)
• Sharing with a person authorized to receive it (37 percent)
• Determining that the risk to their company is very low and the potential benefit of sharing information is high (23 percent)
• Feeling it will help them do their job more effectively (22 percent)
• Feeling it will help the recipient do their job more effectively (13 percent)
The survey found when employees handle confidential data, they often do so insecurely by accessing, sharing and storing the data in unsafe ways.
Twenty-four percent of respondents indicated they do so to get their job done and 18 percent said they did not know they were doing something unsafe. Only 3 percent of respondents said they had malicious intentions when conducting unsafe behaviors.
• Forty-five percent of employees admit to engaging in unsafe behaviors throughout the work day
• These behaviors include connecting to public Wi-Fi to access confidential information (46 percent), using personal email accounts for work (49 percent), or losing a company-issued device (17 percent)
• One in three employees (35 percent) said it is common to take corporate information with them when leaving a company
• Employees take on unnecessary risk when storing and sharing their work, with 56 percent using public cloud services such as Dropbox, Google Drive, iCloud and others to share or back-up their work
• Forty-five percent of employees will use email to share confidential files with third-party vendors or consultants
The survey also found 36 percent of employees feel very confident in their knowledge of how to protect sensitive company information, even though 63 percent of polled employees must complete cybersecurity training on protecting sensitive data. Of those who received cybersecurity training, 18 percent still conducted unsafe behavior without realizing what they were doing was wrong.