A survey by Egress Software Technologies Ltd. and Opinion Matters finds that 49% of IT leaders said employees had inadvertently put sensitive data at risk at least once in the past year, as Corporate Counsel reports. What’s more, 61% of IT leaders say they think employees leak data maliciously. That’s based on a poll of 500 U.S. and U.K.-based IT pros.
But Egress also surveyed 4,000 U.S. and U.K. employees. Among this group, 94% of U.S. respondents and 87% of U.K. respondents indicate they had not intentionally leaked data. A report on the survey results said, “When employees do recognize that they may have caused a breach, they attribute it to a high-pressure work environment, rushing to get a job done, and poor training.”
Other recent surveys show a similarly grim IT view of the rank and file, as ZDNet reports. For instance, 91% of 500 IT and security pros surveyed by BetterCloud (PDF) said they felt vulnerable to insider threats, with 62% saying the biggest risk comes from ordinary employees. The report describes ordinary employees as “the well-meaning but negligent end user.”
Separately, of the 5,856 IT and security professional worldwide surveyed by the Ponemon Institute and nCipher, 52% said employee error was the biggest threat to corporate IT security.
Lawyers say organizations should put in place training and tech to lessen the risk of data mishaps, reports Legaltech News. That includes multi-factor authentication and detailed policies on the use of employee devices for work. After all, according to the Egress survey, 29% of employees believe they own company data. The best practice is to let you use your own device but not have actual company information stored on that device,” observed Danielle Vanderzanden, co-chair of data privacy at Ogletree, Deakins, Nash, Smoak & Stewart.
"There is no being secure. What you want to be is prepared,” Rebecca Rakoski, managing partner at XPAN Law Group, told Legal Tech News.