Even with all the awareness continuing, almost one in five employees in the United States still will click on a strange email, a new survey said.
Employees working in an office setting admit they have opened an email at work they thought was suspicious or a potential phishing scam without notifying the IT department, according to the results of a survey by Harris Interactive.
This continuing behavior points to an ongoing need for organizations to better educate staffers who don’t understand the risks their actions can pose.
Want more evidence employees need better education? Twenty-three percent of office workers don’t understand why their employer makes them change passwords so often.
This also underlies the need for a constant employer campaign to keep security top of mind for all employees at all times.
“These are otherwise intelligent people who, if informed about the potential consequences of their actions, would do the right thing,” said Chris Sullivan, vice president, advanced intelligence solutions at Courion, an intelligent identity and access management (IAM) provider. “Any employee may succumb to natural curiosity. Before curiosity kills the cat, organizations need to get their arms around this behavior. They need to educate their employees and use systems that eliminate risky activities.”
“It’s worrisome that despite years of software development and awareness-building, many organizations still lack control and insight into the growing access risk within their own walls,” Sullivan said.
This was an online survey within the U.S. conducted by Harris Interactive on behalf of Courion between May 31 and June 4 among 2,084 adults ages 18 and older, among which 552 work in an office setting.