Canadian Security Magazine

News
Canadians show “slight maturity” in workplace data security: Dell End User Security Survey 2017

Dell is releasing the results of its Dell End-User Security Survey, which finds that not only are many employees likely to share confidential information, but that they are doing so without proper data security protocols in place or in mind. Results show that today’s workforce is caught between two imperatives: be productive and efficient on the job and maintain the security of company data. To address data security issues, companies “must focus on educating employees and enforcing policies and procedures that secure data wherever they go, without hindering productivity”, Dell says.


April 21, 2017
By Staff

 
Survey results indicate that among the professionals that work with confidential information on a regular basis, there is a lack of understanding in the workplace regarding how confidential data should be shared and data security policies.

Three in four employees say they would share sensitive, confidential or regulated company information under certain circumstances for a wide range of reasons including:
• Being directed to do so by management (43 per cent)
• Sharing with a person authorized to receive it (37 per cent)
• Determining that the risk to their company is very low and the potential benefit of sharing information is high (23 per cent)
• Feeling it will help them do their job more effectively (22 per cent)
• Feeling it will help the recipient do their job more effectively (13 per cent)

Nearly one in five employees in financial services (19 per cent) would share confidential information, and employees in healthcare (32 per cent), federal government (32 per cent) and education (25 per cent) are also open to disclosing confidential or regulated data at alarmingly high rates.
 
“When security becomes a case-by-case judgement call being made by the individual employee, there is no consistency or efficacy,” said Brett Hansen, vice-president of Endpoint Data Security and Management at Dell. “These findings suggest employees need to be better educated about data security best practices, and companies must put procedures in place that focus first and foremost on securing data while maintaining productivity.”
 
The survey also finds that when employees handle confidential data, they often do so insecurely by accessing, sharing and storing the data in unsafe ways. Twenty-four per cent of respondents indicated they do so to get their job done and eighteen per cent say they did not know they were doing something unsafe. Only 3 per cent of respondents said they had malicious intentions when conducting unsafe behaviours.
 
Forty-five per cent of employees admit to engaging in unsafe behaviours throughout the work day including connecting to public Wi-Fi to access confidential information (48 per cent), using personal email accounts for work (52 per cent), or losing a company-issued device (21 per cent).

One in three employees (35 per cent) say it is common to leave a company and take corporate information with them.

Advertisment

Employees take on unnecessary risk when storing and sharing their work as well with 56 per cent using public cloud services such as Dropbox, Google Drive, iCloud and others to share or back-up their work.

Forty-five per cent of employees will use email to share confidential files with third-party vendors or consultants.
 
While Canadians are below the global average, the survey findings show that they are also struggling to adapt to the new digital workforce. Like their global counterparts, Canadian employees are handling confidential data insecurely by accessing, sharing and storing the data in unsafe ways. Twenty-two per cent of respondents indicated they do so to get their job done, while 25 per cent say they did not know they were doing something unsafe. Only 1 per cent of Canadian respondents said they had malicious intentions when conducting unsafe behaviours, compared 3 per cent globally.
 
Nearly three in four Canadian employees say they would share sensitive, confidential or regulated company information under certain circumstances. The most cited circumstance for Canadians being that they were directed to do so by management: 40 per cent, compared to 43 per cent globally.
 
“While every company has different security needs, this survey shows how important it is that all companies make an effort to meet employees in the middle to better understand daily tasks and scenarios in which employees may share data in an unsafe way,” said Hansen. “Creating simple, clear policies that address common scenarios employees experience in addition to endpoint and data security is key to maintaining that balance between protecting your data and empowering employees to be productive.”
 
Dimensional research conducted an online survey commissioned by Dell Data Security among 2,608 professionals that personally have access to and work with confidential, sensitive or regulated data and information at companies with more than 250 employees. Participants were surveyed across eight countries, including Canada, Australia, France, Germany, India, Japan, the United Kingdom and the United States. The research was conducted from Feb. 24 to March 9, 2017.
 
Full report can be found at: http://dellsecurity.dell.com/dell-end-user-security-survey