Why Employees Are Often the Weakest Link in Enterprise Security Chain

 
 
By Don Reisinger  |  Posted 2015-01-28
 
 
 
 
 
 
 
 
 
  • Previous
    Why Employees Are Often the Weakest Link in Enterprise Security Chain
    Next

    Why Employees Are Often the Weakest Link in Enterprise Security Chain

    By Don Reisinger
  • Previous
    How Much Would You Sell a Password For?
    Next

    How Much Would You Sell a Password For?

    While most IT decision-makers would like to believe their employees have a vested interest in keeping their workplace IT systems secure, the SailPoint survey showed that some employees would sell off their passwords for remarkably little. According to SailPoint, one in six employees say that they would sell their corporate passwords "for the right price." Some respondents said that the price they're seeking is as little as $150.
  • Previous
    Password Sharing Remains a Common Occurrence
    Next

    Password Sharing Remains a Common Occurrence

    Don't expect that your employees are actually keeping their log-in credentials private. In fact, 20 percent of respondents say that they often share their credentials with fellow employees, despite the fact that such a practice can cause all kinds of security problems in the office.
  • Previous
    Password Reuse Is Still a Common Activity Despite Frequent Warnings
    Next

    Password Reuse Is Still a Common Activity Despite Frequent Warnings

    One of the cornerstones of enterprise password security is not to reuse passwords for multiple applications or computers. However, 56 percent of employees say that they often use their corporate credentials for other services they regularly use, including cloud applications like Dropbox and Google Drive.
  • Previous
    It's Essential to Require Regular Password Changes
    Next

    It's Essential to Require Regular Password Changes

    If there's anything that IT staff should do, it's to force employees to change passwords from time to time. A surprisingly large number of employees—14 percent—say they use the same passwords across all applications and see no need to change them.
  • Previous
    BYOD Does Have an Impact on IT Security
    Next

    BYOD Does Have an Impact on IT Security

    Those who don't think the consumerization of IT is affecting them are in for a rude awakening. According to the data from SailPoint, 70 percent of employees use their personal mobile devices for work purposes. Furthermore, 63 percent of employees said they regularly use their own devices to access corporate data, creating a worrisome mix of personal and enterprise information all on the same device.
  • Previous
    Corporate Data Is Leaking Out Through the Cloud
    Next

    Corporate Data Is Leaking Out Through the Cloud

    The cloud has become a real issue for IT. Despite many companies limiting which cloud services employees should use to share corporate information, 20 percent of workers say they employ unauthorized cloud services to send files to people outside the company.
  • Previous
    IT Managers Are Kept in the Dark About Data Sharing
    Next

    IT Managers Are Kept in the Dark About Data Sharing

    Keeping IT in the dark about data access and data sharing seems to be a corporate sport. Twenty percent of survey respondents who use cloud applications to share corporate data with others said they do it without telling IT about their activities. As far as they know, they're sending corporate data through unauthorized channels without IT knowing the difference.
  • Previous
    Corporate Data Monitoring Is Less Than Ideal
    Next

    Corporate Data Monitoring Is Less Than Ideal

    Corporate policies aimed at limiting the impact sharing sensitive data can have on a company are sorely lacking in the enterprise. Less than one-third of employees say that their companies have corporate policies in place that closely monitor how they share "mission-critical" data. In other words, the vast majority of companies aren't closely monitoring how important information is being shared.
  • Previous
    There Are Policies on Corporate Data Theft
    Next

    There Are Policies on Corporate Data Theft

    While companies aren't necessarily monitoring information the way they should, they at least have some policies that govern what to do if and when disaster strikes. According to SailPoint, 60 percent of the employees surveyed said they were aware of corporate policies that dictate what should happen if their companies fall victim to data theft.
  • Previous
    The Risks Don't Decrease When Employees Depart
    Next

    The Risks Don't Decrease When Employees Depart

    Employees in the office might be scary enough, but the troubles don't end after they leave. Two-thirds of employees say that even after they leave a company, they can access corporate cloud services, indicating that their accounts weren't turned off. In addition, 25 percent of employees say that if they left a company, they would take corporate data with them.
 

Security breaches have become a common occurrence. In many cases, companies fall victim to coordinated attacks by sophisticated hackers. But often network and data breaches occur because of employee mistakes or willful malfeasance. Recent studies from SailPoint Security show the big impact employees have on corporate security for good or ill. While there are some data points that are positive, many of the findings show that employees are still a major area of risk for corporate data security due to a lack of knowledge or a lack of strong corporate security policies. This eWEEK slide show covers some of SailPoint's findings and shows IT decision-makers what's really going on in their offices. From issues with passwords to problems with cloud services, the number of security woes brought to the office by employees is enough to make even the most vigilant IT decision-maker worry. Read on to learn more about security and how employees are putting company data at risk. The findings are based on a survey of 1,000 employees at large organizations around the world.

 
 
 
 
 
Don Reisinger is a freelance technology columnist. He started writing about technology for Ziff-Davis' Gearlog.com. Since then, he has written extremely popular columns for CNET.com, Computerworld, InformationWeek, and others. He has appeared numerous times on national television to share his expertise with viewers. You can follow his every move at http://twitter.com/donreisinger.
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
Rocket Fuel