The transition to working from home caught a lot of companies off guard this year. A new survey from security firm Trend Micro shows that while over two-thirds of Aussies are more aware of their companies security policies, some are choosing to ignore them anyway.
First, the good news, the survey showed that 83% of respondents said they take instructions from their IT team seriously, with 78% taking part responsibility for IT security within their corporation themselves.
Unfortunately, the survey showed that often convenience won out over the security policies in place, with 51% of employees admitting to using a non-work application on their issued corporate device, and 68% of those respondents have uploaded corporate data to that application. As concerning as that is, 7% of respondents also admitted to watching or accessing porn on their work laptop, and 7% access the dark web <Insert Shock face emoji>.
It’s the drive to get things done that appears to be pushing some workers to take the risk of using non-work applications like Google Drive, or other services – with almost a quarter of respondents thinking they can use non-work applications, because ‘the solutions provided by their company are ‘nonsense’’.
Ashley Watkins, Managing Director, Commercial, Trend Micro ANZ, explains ‘Although there is a high level of security awareness in Australia, its concerning to see that some learned employee behaviour continues to create vulnerabilities for organisations. Whilst many employees are aware of the risks, the statistics show that this isn’t necessarily translating into action, so organisations need to identity and address this through training – now more than ever.’
They say the perfect network is one without users, but to get anything done, we have to get on there eventually and that’s where company cyber security policies come into play. It’s a worrying trend the amount of people utilising non-authorised services, and even porn on their work devices, and it only leads to more locked down devices.
Educating users on why policies are in place is often the best course of action. As we ease restrictions, Australian organisations are facing the conundrum of how their working from home policies will work into the future. Cybersecurity works best when both IT and users agree on a clear process, policy and action, so hopefully these results will serve as a starting point to improve both security and convenience.