Censornet has released its report Empowering the People: Critical Security Challenges of 2020, which uses insights gathered from a survey of 300 cyber security professionals to explore the reality of the role of security during a global pandemic.
Surveyed during the lockdown period, 67 percent of security professionals reported that they had caught employees engaging in unsafe or unproductive activity on the web. Perhaps unsurprisingly, the most common bad behaviour was employees using streaming services at work such as Netflix or Amazon Prime (35 percent). However, many employees are also bringing potentially harmful content onto the corporate network:
- 27 percent reported that they had caught employees downloading pirated material on work devices
- 21 percent saying they had caught employees visiting adult sites at work
- 21 percent said employees had bypassed web security to access blacklisted sites on the company network
Interestingly, when they were asked, security professionals also admitted that they too were guilty of bending the rules and best practices of online employee behaviour, including: using entertainment streaming services at work (22 percent), using work credentials for personal accounts such as e-commerce sites (22 percent), downloading pirated content (17 percent) and even visiting adult sites at work (11 percent).
An even higher percentage (76 percent) reported employee behaviour in the cloud that could be putting their company at risk. The most common was employees using the same password across multiple accounts. However, more serious incidents included storing sensitive data without proper protection, sharing links to documents with third parties without authorization and sharing their cloud service logins with other people.
In spite of these findings, the survey also discovered that cyber security staff appeared to underestimate the risk that these activities posed to their organisation’s security:
- 91 percent of respondents believe that their cloud security solutions are adequately protecting people at home
- 91 percent also believe that their organisation’s cyber security strategy was prepared to support their colleagues working from home