Do Canadian Employees Follow Proper Security Practices?
By Talia Jackson-King | November 30, -0001
New survey results suggest not.
“Despite [organizations] new level of cloud sophistication,” (2 Softchoice) employees still propagate the same risky behaviours as they always have, or so found a study published in April of 2016. Canadians commit those risky behaviors at particularly high rates.
Canadian and American workers are particularly likely to open their employers to attack when they use cloud apps, according to the study. The study was conducted by Softchoice Corporation on 1500 workers, from both Canada and the US, who use technology such as laptops, for their work.
Of those surveyed, 1 in 5 of the employees surveyed admitted that they access work files from a device that isn't password protected (6), and 1 in 4 workers also save passwords in an unprotected document (6). 1 in 5 lost devices are not password protected (6).
Significantly more Canadian committed security violations than Americans, with 39% of Canadians saying that they access work files from a device without a password (13), or remotely via an unsanctioned, and potentially unsafe, app (13). That means that more than a third of Canadians surveyed do not properly secure work files, let alone use proper security measures. 41% of Canadians even keep their password on Post-it notes (13).
These are all clearly bad security practices- and yet workers across North America, but particularly within Canada- continue to commit them. Part of the problem appears to be one of understanding; 44% of employees were given no instruction on how to securely transfer and store private corporate data (5), and more than half of employees have not been instructed how to safely access the cloud (5).
Despite- or perhaps due to- this lack of understanding, 81% of Canadians and 60% of Americans feel that their IT department provides an optimal level of support. (12)
When main devices used for work include smartphones at 51% (3) of employees, and tablets at 27% (3), it is important that workers remember to protect their data when using the cloud, and yet the results of the Softchoice study demonstrate that many workers are not nearly careful enough about computer security.
In fact, employees with access to the cloud are twice as likely to store passwords on unprotected hard-drives (7), manage passwords in unprotected documents (7), and access work files from an unprotected device (7).
In the study summary, Softchoice makes some recommendations to cut down on these, and other, risky behaviours. The recommendations include: prioritizing training and communication (14), and managing the sprawl of apps and connected devices with management platforms that limit the amount of passwords employees need to use regularly (16).
While, in the short term, such suggestions many not seem a priority, consider the fact that the majority of cases where hackers gained access to supposedly secure customer databases, from EBay (14,500,000 accounts compromised) 1, Target (70,000,000) 2, to a US voter database (191,000,000) 3, the importance of following good security practices should not be undervalued.
The simplest fix to a problem is often the most effective, and in this case, that means patching up the current holes in security networks, rather than over-exaggerating the prowess of the average hacker. Following basic good practices, like securing passwords, putting basic locks on devices, keeping up with security updates and backing up data should help to protect businesses from hackers looking for an easy payday.
McCandless, David. "World’s Biggest Data Breaches & Hacks — Information Is Beautiful." Information Is Beautiful. David McCandless, 6 May 2016. Web. 09 June 2016.
Softchoice Corporation. "Still Careless Users In The Cloud - Research Study."Slideshare. Softchoice