Since 2016, the average number of incidents involving employee or contractor negligence has increased by 26 per cent, and by 53 per cent for criminal and malicious insiders (Ponemon). While employees are an organisation’s biggest asset – whether they are full-time, freelancers or contractors – they can also be a prime channel for information loss via negligent or malicious actions. As such, companies need to prioritise effective training programmes across their employee base, leverage precise monitoring tools to verify safe user activity and ensure that clear protocols are in place for onboarding and offboarding employees to prevent data loss.
Key findings from the survey include:
Training, policies and technology should be prioritized: Organisations also have an opportunity to build trust via training and policies. The survey found that 43 per cent of organisations don’t have a policy that prohibits staff from taking IP/data with them when leaving the organisation. Further, 67 per cent of respondents say remote work is allowed in their organisation, and 42 per cent report contractors/freelancers use personal devices for work activity. With an evolving work environment and more devices being used to access company information, organisations need to establish clear protocols for all users handling data and IP regardless of location, device or employment status.
Employers should make employees aware of the ramifications of data leakage: Most employees aren’t aware of the repercussions that follow leaking information either accidentally or maliciously. Almost 60 per cent of organisations don’t explain the contractual penalties for putting their organisations at risk and only 36 per cent of IT leaders feel that cybersecurity is extremely important to their organisations’ general employees. As such, employers need to ensure the consequences of negligent or malicious leakage are well-defined and communicated to employees.
“The workforce is changing rapidly as remote work becomes commonplace and more companies rely on freelancers and contractors to support daily activities,” said Mike McKee, CEO of ObserveIT. “Trusting employees to keep valuable information safe should start at the top with effective training, clear guidelines and verification via technology for all users.”
ObserveIT commissioned Vanson Bourne to conduct 600 interviews with senior IT decision makers on the topic of trust within the workplace. Respondents were from organisations in the private and public sector with 2,500 or more employees, across the U.S., EMEA and APAC.