From lax password security to rogue IT behavior, North American workers continue to be careless users in the cloud, according to a Softchoice survey of 1,500 people across the United States and Canada.
On average, North American employees use two devices for work, and while desktops are still common, more nimble devices such as tablets and smartphones are stealing workday share.
Half of employees who use cloud-based apps for work have access to three or more IT-approved apps, but a significant number of employees are unaware of the risks of their careless technology habits.
"We did a similar study on employee habits around cloud and mobile devices two years ago. What surprised me about this study is that, while businesses have grown more sophisticated in their use of cloud over the past two years, employees’ bad technology habits haven’t changed at all," Sara Onyschuk, director of client and cloud solutions at Softchoice, told eWEEK. "They haven’t gotten worse, but they also haven’t gotten any better."
She said employees are still exhibiting the same kinds of dangerous behavior around shadow IT and password protection despite—one would hope—having a more intimate knowledge of cloud and the risks involved.
According to the study, 20 percent of respondents still display their passwords in plain sight, such as on Post-It notes.
Outside the office, around 20 percent employees are accessing work through devices that are not password-protected at all.
Onyschuk explained passwords aren’t the only line of defense, but they’re first line of defense in keeping private data private.
"CIOs can also help remove employee error from the equation by encouraging the use of IT-sanctioned cloud apps within a secure cloud platform," Onyschuk said. "The advantage of cloud is that it allows employees to access information anywhere, anytime and from just about any Internet-connected device. They’re likely already doing it, whether it’s from an app that IT provided or an app they downloaded on their own."
She explained if employees are using the apps via a secure platform that IT provides, even if an employee loses a device that isn’t password-protected, IT has the ability to cut off access to it.
"If an employee leaves the company, they can de-provision their account and the data in kept in-house. Providing the right tools can only take you so far," she said. "IT also needs to a better job training and communicating best practices."
The survey found 58 percent of employees have not been instructed on the right way to download and use cloud apps, and 44 percent have not been told how to securely transfer and store data.
"Communicating in regular intervals and offering a quick refresher training sessions will not only help keep the do’s and don’ts of cloud top of mind, it will also help employees to better understand the risks of their bad technology habits," Onyschuk said.