New research from Microsoft has found that employees are still the biggest IT security risk to businesses.
Employees’ poor habits can put organisations at risk of critical data loss which can have severe legal and reputational repercussions.
Almost half of employees admitted they had no security training in the past 12 months, while 36 percent said they plugged a non-work data device such as a USB pen drive in to their work computer, which could lead to data loss or the introduction of viruses and malware on to the company IT network.
The research also found that 24 percent of people working from home have accidently shared work-related material with friends and family. In addition, a third used personal email for work-related or customers information storage which could be a violation of GDPR if/when they leave the company.
Basic password rules are also being ignored. 44 percent of staff are reusing old passwords, and only 16 percent updated their passwords in the last 12 months.
“The majority of security breaches can be traced back to compromised user identity,” said Des Ryan, Microsoft Ireland’s Solutions Director. This made the finding that 22 percent of people still admitted to writing down their passwords more serious, he said.
The second stand-out finding for Mr Ryan was the number of people using non-work devices to back up data. “Data is now a major differentiator for people,” he said. “The fact that 36 per cent of people backed up data to USB drives etc. is really scary. Where are they moving it to?”
The research, which was conducted by Amarach on behalf of Microsoft, questioned 700 employees working in large Irish organisations (more than 100 staff) across both the public and private sector.
Information taken from article on Irish Times https://www.irishtimes.com/business/technology/employees-are-major-risk-to-employers-cyber-security-study-finds-1.3797153