Aussie workers not following security policies
Australian employees are creating a security nightmare for CIOs by not complying with IT and security policies, research from document productivity company Nitro indicates.
While the wide majority of enterprises mandate what software (88%) and devices (91%) employees can use, more than half of employees (52%) are continuing to create security risks by using personal devices for work.
One in four employees (23%) report resorting to using their personal devices because of a lack of suitable pre-installed software on company-issued devices, and 27% of employees report installing unsanctioned software themselves as a result of this shortage.
In addition, 38% admit to sending work-related documents through personal email accounts and 10% are saving their work communications or files on non-password protected devices.
Almost a third of employees (29%) admit to sending files to colleagues because they don’t have the required software to complete tasks like opening, editing, signing or securing documents.
Lax security practices are common across organisations, with managers and C-suite level employees admitting negligence on par with junior workers.
“A ‘shadow IT’ environment of mismatched software and inconsistent product life cycles makes it nearly impossible for IT managers to protect against security vulnerabilities,” Nitro APAC Director Adam Mowiski said.
“In a world where data breaches are increasingly commonplace, there remains a disconnect between the security policies at Australia’s largest enterprises and the real-world behaviours of employees. Security remains a top priority for CIOs and IT managers, but it requires a company-wide compliance culture to ensure procedures are followed.”
With the rise of ransomware as a prominent security threat, Nitro’s research also found that employee mistakes such as opening phishing emails are considered the most likely security threat (40%), significantly ahead of external attacks from hackers or fraudsters (24%).
Secure-by-design software development for digital innovation
The rise of DevSecOps methodologies and developments in AI offers every business the opportunity...
Bolstering AI-powered cybersecurity in the face of increasing threats
The escalation of complex cyber risks is becoming a pressing issue for those in business...
How attackers are weaponising GenAI through data poisoning and manipulation
The possibility for shared large language models to be manipulated through data poisoning...