Employees pose greater threat to IT security than hackers – survey

20 Dec 2012

It seems that Irish employers are more concerned about the actions of careless employees rather than external hacking threats when it comes to their IT systems, that’s according to the findings of a new survey.

ComputerScope magazine and IT distributor Data Solutions surveyed 278 IT professionals in companies around Ireland in November. The report found that 80pc of companies are more concerned about the actions of careless employees when it comes to their IT systems.

Just 15pc of respondents were more concerned about external hackers compromising their IT networks.

Interestingly, 11pc of respondents said employees are not required to report any lost personal mobile device – such as a smartphone or tablet – that had access to the corporate network and data.

In addition, 62pc of those surveyed said their organisation allows employees to access social media sites such as Facebook, with 23pc of those respondents enabling access without any restrictions or usage policies.

In all, 22pc were aware of IT security breaches within their company caused by employees accessing external sites or downloading material from external sites.

Of those security breaches due to employees accessing external sites, 36pc reported Gmail as being the offender, 40pc blamed Facebook, 34pc cited Dropbox and LinkedIn respectively, while YouTube was blamed for 34pc of security breaches and Hotmail for 41pc.

However, at 43pc, retail sites were responsible for the highest number of security breaches, according to the survey.

When it comes to educating employees about cybercrime, a third of respondents do not carry out any IT security awareness training for employees.

David Keating, security sales manager at Data Solutions, said that the survey’s findings reveal a lack of real understanding or sense of responsibility among employees for IT security within companies.

“The fact that so many IT managers are concerned about the potential actions of employees shows a great need for education and change in culture within organisations,” he said.

IT security and hacking image via Shutterstock

Carmel Doyle was a long-time reporter with Silicon Republic