Research of UK workers, carried out by TNS Omnibus, to help understand employees’ work habits and activities that might have an adverse effect on their productivity and the integrity of their company’s data has thrown up some interesting findings.
The risks that irresponsible use of computers at work brings are two-fold. First there are the obvious work-hours lost and unnecessary costs involved, but there is also the heightened level of potential data security threats.
According to a 2011 Ponemon Institute study 63 per cent of company IT staff think that employees’ use of social media in the workplace represents a serious security threat to their organization. In addition to that, Verizon’s 2010 study showed that nearly a half of all data breaches in 2010 were caused by insiders and 56 per cent of data breach incidents were only discovered accidentally.
So, how did the British employees do? A positive finding of the research, commissioned by Safetica, a provider of employee monitoring and data protection software, showed that at least having a policy in place reduces the (admitted) levels of undesirable activities by about one third. Bosses explaining to employees what they can and cannot do in the workplace already has a beneficial effect.
A more worrying aspect is that a relatively large percentage (up to one in four employees) engage in undesirable activities in spite of being aware of policies that prohibit them, while where policies are not in place as many as one in three employees engage in inappropriate activities.
The fact that the highest scores for admitted undesirable activity are in the printing of personal files and the use of social media may seem relatively harmless, but it does illustrate that breaking the rules is seen as relatively acceptable, while the security implications of those breaches may not even have been taken into consideration.
These range from the public facing threat of making inappropriate posts on social media, which potentially harm the company’s productivity and reputation, to the incoming threat of possible malware infection of company computers and networks caused by clicking unsafe links.
However, the numbers of people admitting to taking company files home (even if against policy) is frighteningly high. Approximately one in ten people, on average, admit to having no qualms about doing that.
For protection against the unauthorised copying, emailing, editing, or opening of company files, as well as for monitoring, reporting and preventing employees from partaking in unauthorised activities, a comprehensive software solution should be considered.