Growing security negligence in the workplace

A surprising disconnect exists between employees’ growing concern over the security of their personal information and their attitudes toward data security practices in the workplace.

A new SailPoint survey found that 85% of employees would react negatively if their personal information was breached by a company. Yet these same employees are exposing their employers to the same data breaches through security negligence and poor password hygiene.

Additionally, the survey highlights an ongoing challenge for IT and security professionals: 26% of employees admitted to uploading sensitive information to cloud apps with the specific intent to share that data outside the company.

Key findings:

Poor password hygiene continues to plague enterprises. The majority of respondents (65%) admitted to using a single password among applications, and one-third share passwords with their co-workers.

Employees don’t assume responsibility for protecting the integrity of corporate security processes. One in five employees would sell their passwords to an outsider. Of those who would sell their passwords, 44% would do so for less than $1,000. This is up from one in seven who would sell a password a year ago, according to the report.

Organizations are struggling to keep up. One in three employees admitted to purchasing a SaaS application without IT’s knowledge (a 55% increase from last year’s report). Alarmingly, more than 40% of respondents reported having access to a variety of corporate accounts after leaving their last job.

“Today’s identity governance solutions can alleviate the challenge of remembering several passwords and automate IT controls and security policies, but it’s imperative that employees understand the implications of how they adhere to those policies. It only takes one entry point out of hundreds of millions in a single enterprise for a hacker to gain access and cause a lot of damage,” said Kevin Cunningham, president of SailPoint.