Employees Ignore Security Policies At Alarming Rate Says New Study
No matter how good, expensive or robust your security system is, your employees are always the weakest link. In fact, in some cases, your own policies might be pushing them to “rational noncompliance,” a situation in which your employees break the rules in order to make their jobs easier.
The statistics are alarming. According to a survey conducted by Data Privacy firm CEB, fully 90% of employees admit to rational noncompliance for the sake of convenience. Two thirds say that they regularly email company files to personal email addresses so they can work from home.
The combination of increasing reliance on cloud-based solutions and BYOD policies makes this increasingly easy for employees to do, which raises the stakes and makes life much more complicated for your digital security staff.
These actions, while seemingly innocuous, open the door to a variety of risks, all of which spell bad news for your bottom line. In fact, CEB found that on average, Fortune 1000 companies spend more than $400,000 notifying customers and employees of data breaches each year, to say nothing of the money spent in the ongoing effort to address the shortcomings in digital security as they are found.
It’s important to understand that this rational noncompliance behavior does not stem from any sort of desire to do the company harm. It’s simply an outgrowth of security policies that are not always thought through completely, and can inadvertently lead to a bottleneck in workflow.
What’s the current state of digital security in your company? Do you have policies currently in place that are making it difficult, if not impossible for your employees to do their jobs without violating them?
If you’re not sure, give us a call today, and one of our talented team members will be happy to work with you to review your current security situation and make recommendations on how it can be improved to save you money.