... The answer is most likely, "Yes."
New Info on Employee Practices from a National Study
Dell has recently released the findings from their End-User Security Survey, and the results will probably keep you, the small business owner, up late at night with worry. Dell's key finding was that an overwhelming percentage of employees (72 percent) are willing to share confidential or sensitive corporate information, and fully a third say that taking confidential corporate data on leaving a company is common practice.
Further, 45 percent of employees surveyed admitted that they knowingly engaged in unsafe behaviors that posed security risks during the course of a typical business day. These behaviors include using un-secure public Wi-Fi to access sensitive data, using personal email accounts to send it from one place to another and losing a company-issued device.
Why is this business culture being created?
Those are jarring statistics, to be sure, but in digging a bit deeper, the survey reveals a complicated landscape. After all, there are times when it is indeed appropriate to share confidential data. These include:
• Sharing under management directive (43 percent)
• Sharing with a person who is authorized to view and access the data (37 percent)
• Instances of low risk, high reward sharing (23 percent)
• The data sharing either helps the person sharing, or the person receiving the information perform their job more efficiently and effectively (22 percent and 13 percent, respectively)
Even taking these factors into account, however, the statistics are beyond concerning, and what’s worse, the full measure of the blame cannot be placed at the feet of the employees. After all, many, if not most, feel pulled in two opposing directions by management.
Culture Dictates Practices
On the one hand, there’s the steady drumbeat of insistence that workers be more and more productive, which leads to many of these unsafe behaviors in the first place, pulling them in one direction. Then, there’s the published security policies that pull them in the opposite direction.
It can create a virtual minefield for employees, and there are no simple solutions.
Given these statistics, though, it is overwhelmingly likely that many, if not most of your employees are improperly sharing sensitive data. You may want to make correcting that problem one of your major goals for the year. The risks of doing nothing are simply too big to ignore.
Good News, business owners: YOU create your business' culture
Here is where we get back to our favorite topic: STAFF TRAINING. Staff perform unsafe technology practices, ultimately, because they believe it's not a big deal. Or that it's not as important as getting things done quickly or conveniently. The best news of all is that YOU can completely control that perception. You control the culture of your business. And if you need to change it: DO THAT! And it all starts withe regular staff training, and clear policies that are not just communicated regularly but also PRACTICED AND EMBRACED by management. You've already created the company of your dreams. It's time to start coaching the staff of your dreams, too.
