10 Things Employees Can Do to Improve IT Security in 2016

The line between personal and business use of apps and devices continues to blur and will drive key trends IT must consider when building a security strategy.

Increasingly, the lines between work and personal devices are blurring. Sixty percent of employees do work activities from a personal device, and 55 percent do personal activities on work devices. Further, one-third of employees access work data from personal devices more than once a day. The bring-your-own-device movement is here to stay, and companies must figure out how to support it securely.

While employees admit to less-than-stellar password-related behavior, enterprise IT teams keep them on track. Seventy-six percent of employees say they’re prompted to change their passwords every one to three months by IT, and 52 percent have changed their work passwords in the last month.

The majority of employees give IT passing marks. Eighty-two percent of employees say their company has good or excellent password and authorization measures in place. As software, device and technology use transforms due to rapid innovation in the space, IT must be able to keep employees educated about how to keep their identities secure.

Enterprises’ education efforts around security best practices are paying off: 79 percent of employees say they understand which online activities expose their personal or corporate information.

Employee intentions are well intact: 58 percent of respondents believe protecting work-related information is very important, even more so than their personal emails and home addresses. With trust in IT as well as education and security awareness online, the outlook for 2016 security is bright.

More than three-quarters of employees believe it’s risky to share passwords, but 37 percent are still likely to do so. In fact, 54 percent admit to sharing log-in credentials with family so they can access each other’s computers, smartphones and tablets. Employees today use work and personal devices interchangeably; it’s prudent for IT to assume their corporate network may extend farther than expected.

If your account has been breached and your log-in credentials are in the hands of malicious hackers, it’s wise to assume those hackers will test those credentials (email, username, password) every day for the next 10 years. It’s easy to see why password reuse is risky. Half of respondents admit they are likely to reuse passwords for work-related accounts and two-thirds are likely to reuse passwords for personal accounts.

When asked about work and personal credentials, employees admitted to being more careful when it comes to their work log-in credentials. Three-quarters of employees would not give up their work email log-in credentials for anything.

While 74 percent of employees wouldn’t give up their work email credentials for anything, one in 10 would trade them for a paid mortgage or rent for one year. Further, 14 percent would give up their work email log-in credentials to pay off student loans.

Fifty-nine percent of employees believe IT is accountable in the event of a corporate data breach. C-level executives are the next to be held accountable at 17 percent, and only 11 percent believe they, as individuals, would be held accountable in the event of a breach.