We would like to keep you up to date with the latest news from Digitalisation World by sending you push notifications.
Digital Newsletter
Each week our editor Phil Alsop rounds up the most popular articles, videos and expert opinions. We compile this into a Digital Newsletter and send it straight to your inbox every week.
Digital Magazines
We'll let you know each time a new edition of Digitalisation World is released so that you're always kept up-to-date with the latest and greatest news and press releases.
Video Magazines
The Digitalisation World Video magazine contains the latest Zoom interviews with experts in the industry.
Workers in the finance sector in the US and UK are frustrated with the security restrictions their employers implement and have a higher tendency to flout policy than other industries, new research from security software specialists IS Decisions has revealed. Password sharing is more common than average in the finance sector, with just under a quarter (24%) sharing their work related passwords. This is despite a higher majority than in any other sector (69%) acknowledging awareness that it represents a risk to their employer.
One quarter (25%) of finance sector employees are frustrated with their employer’s security policies, and 10% of those admit actively attempting to find workarounds.
This findings, which are revealed in IS Decisions’ new report ‘From Brutus to Snowden: a study of insider threat personas’, suggest that the strict policy restrictions often required in finance are causing widespread frustration which in turn is leading to more common attempts to flout those restrictions.
Another area for particular concern in the finance sector is security policy around employee termination. A full 41% of finance sector workers claimed to have had access to a former employer’s data or systems after leaving a job, 5% higher than the cross-industry average 36%.
Asking employees in finance what might help motivate them to be more security conscious and not share passwords, the most common response (29%) was if sharing their login with someone else restricted their own access. Finance sector workers were also more likely than average (12% compared to 8%) to say that a better example set by management would encourage them to behave more responsibly.
François Amigorena, CEO of IS Decisions, said, “Naturally organisations in the financial sector are operating with especially sensitive data and frequently are required to be compliant with a number of regulatory requirements. And employees in the sector are more aware of security risks than in other industries. Yet, it seems that good awareness does not translate into good behaviour, with a higher propensity for bad practice such as password sharing and more common purposeful attempts at circumventing restrictions.
“Then the law sector’s poor record for following employee termination security process show that while attention may be being paid to regulatory requirements, other security basics are being allowed to slip.
“The lesson here is that while regulations have to be adhered to, attention to detail is required. Users apparently understand that password sharing is a risk, yet they are still doing it; do they know why it’s a risk? Are their restrictions applied specifically to this behaviour? And importantly, are the senior people setting the right example?”
