One in three enterprise employees guilty of sending work documents through personal email accounts
August 29, 2017 – Employees are exposing Australia’s largest organisations to security threats by saving work documents on unsecured devices or using personal email accounts, reveals new research from leading document productivity company Nitro.
The survey of 300 large* enterprise employees, from entry to senior management level, discovered a major disconnect between worker behaviour and IT policies while identifying the lack of software standardisation as a potential non-compliance driver.
Despite the majority of enterprise businesses mandating what software (88%) and devices (91%) employees can use, the study found employees continue to create security risks by using personal devices for work (52%), sending work-related documents through personal email accounts (38%), and saving their work communications or files on devices without password protection (10%).
Surprisingly, risky security practices don’t decline further up the organisational ladder. Research revealed that employees ranging from Manager to C-Suite admitted negligence on par with junior workers.
CIO blind spots leave systems open to ransom
Given the rising numbers of global ransomware outbreaks—including two attacks in two months that affected the Australian offices of Cadbury and DLA Piper—it has never been more important for CIOs and IT managers at large organisations to minimize all potential vulnerabilities.
Nitro APAC Director Adam Nowiski reports “In a world where data breaches are increasingly commonplace, there remains a disconnect between the security policies at Australia’s largest enterprises and the real-world behaviours of employees. Security remains a top priority for CIOs and IT managers, but it requires a company-wide compliance culture to ensure procedures are followed.”
“Our study revealed software standardisation is too often an overlooked tool in the CIOs kit bag for plugging potential data leaks and driving top-down culture change to an environment free of disparate solutions, inefficient processes, and risky employee workarounds.”
Security through digital standardisation
Research revealed that mismatched software products and versions cause compliance challenges among a significant portion of employees, including one in four (23%) who resort to using personal devices because they don’t have suitable pre-installed software and 27% who install unsanctioned software themselves.
In addition to creating potential security risks, the lack of standardisation within Australian enterprises is also causing productivity bottlenecks across the workforce. Since many employees are unequipped with the software they need to accomplish key tasks like opening, editing, signing, and securing documents, almost one-third (29%) of workers must send files to a limited number of “power users” who have access to the right tools.
“A ‘shadow IT’ environment of mismatched software and inconsistent product lifecycles makes it nearly impossible for IT managers to protect against security vulnerabilities,” Nowiski said.
“Standardised environments allow IT managers to focus on protecting and optimising organisations’ IT systems based on uniform versions of solutions. At Nitro we work closely with customers to achieve such environments, providing change management support and creating practical strategies that save time, money, and IT resources.”
Key Nitro research findings include:
Note to Editors
*Survey conducted via Pure Profile in June 2017 using an online survey method. Survey completed by 300 Australians working at organisations with 500 people or more.
Jordan Lambe firstname.lastname@example.org 03 9268 7800
Molly Bruce email@example.com