Image of a woman on her laptop in a coffee shop

Three Reasons Poor Employee Security Habits Expose Public and Private Sector Organisations in Ireland  

Des Ryan

Des Ryan

Solutions Director

Read Time, 4 min.

Three Reasons Poor Employee Security Habits Expose Public and Private Sector Organisations in Ireland  

Kevin Mitnick, the famous hacker once said, “What I found personally to be true was that it’s easier to manipulate people rather than technology.”

Digital transformation is enabling and transforming organisations, driving everything from employee productivity, to the ability to be able to work remotely. However, in the drive to transform, Irish organisations are leaving themselves vulnerable to major security risks that can lead to data and revenue loss as well as significant damage to a company’s reputation. They forget to keep their employees up to date in terms of security training and awareness.

 

Microsoft Ireland today launched research on security within public and private sector organisations across the island of Ireland to get a better understanding of the security habits of employees within Ireland’s largest organisations. The research looked at what gaps were emerging that could be exploited by hackers or lead to a data breach.

 

  1. Poor password hygiene could lead to a payday for Cyber criminals

 

One major finding is that passwords have become too easy to guess or steal. Nearly a quarter (22%) of Irish employees write down their passwords, with 77% of employees relying on their memory for their work and personal passwords.

 

When it comes to password hygiene, 2 in 5 recycle both their work and personal passwords. The study also found that people do not update passwords regularly, with only half of respondents claiming to update their passwords only once a year or less.

 

With employees using the same weak passwords across dozens of different accounts across their work and home life, a stolen password could be hugely lucrative for criminals. One way to combat this is through biometric verification, which 3 in 5 employees would welcome as an alternative to workplace passwords.

 

  1. Employees working from home are more likely to engage in risky security activities

 

Improved workplace technology and more reliable broadband speeds have made working from home more accessible than ever. While the ability to be more flexible in the workplace has been welcomed by many, the research discovered that employees working from home are much more likely to engage in risky security activities.

 

Nearly half (49%) of those working from home at least once a week used their personal email account for saving, editing, sending, or sharing work-related documents, with 24% revealing that they accidentally shared work-related material with friends and family.

 

A quarter of those working from home at least once a week admit to having friends or family access work devices at home, which may violate data policies from their organisation. This is concerning when 56% of respondents reported they work from home, and almost half of these have no restrictions on document access when working from home.

 

Another worrying finding for Irish organisations is that 25% of those surveyed admitted plugging a USB thumb drive that wasn’t from their company into their work device, 12% connected back-up drives, and 5% connected a smartphone that didn’t belong to them. This increases the chances of employees compromising their identity – with Microsoft previously reporting that 81% of major data breaches last year could be traced back to this issue alone.

 

  1. Many have already fallen victim to hackers

 

With the research pointing to several areas of potential vulnerability for organisations it is unsurprising to learn that 30% of employees surveyed have been notified about a breach of their personal data. As well as this, 44% have experienced problems with phishing, hacking, cyberfraud or other cyberattacks happening in either their personal and professional lives.

 

As in the popular TV show, Mr Robot, the Hacker Elliot Alderson concluded that “humans make the best exploits” so organisations failing to factor employee behaviour into their security strategy could see security plans fail.

 

As part of its on-going efforts to drive better security for organisations, Microsoft invests $1bn each year in security, it analyses more than 6.5 trillion signals daily, processes 630 billion authentications monthly, and scans 470 billion e-mails for malware and phishing monthly.

 

In addition, Microsoft has launched two new security solutions – Microsoft Identity & Threat Protection and Information Protection & Compliance to help companies achieve their security and compliance goals.

Microsoft offers security products to both private and public sector organisations, leading with Microsoft 365 E5 which provides customers with the most extensive productivity and advanced security solutions. To answer the growing need for security and compliance solutions in an age of increasingly sophisticated cybersecurity threats, as well as complex information protection needs due to regulations like GDPR, Microsoft has now launched two new identity and compliance solutions, called Microsoft Identity & Threat Protection and Information Protection & Compliance, designed to provide customers with simpler purchase, deployment, and adoption. They are based on the Intelligent security Graph, which continuously provides the latest information about cyber security attacks and provides “up to date” security. Click here for more information about Microsoft’s security solutions.

 

Des Ryan

Director of Specialist Technology Units

 

 

Download our latest research on the cyber security climate in Ireland

How new threats and the same bad habits pose serious risk to your organisation.

Discover more related articles per industry:

Education

  • A guide to GDPR for universities

    A guide to GDPR for universities

    With the EU’s new General Data Protection Regulation coming into effect on May 25, understand how universities like yours can take the right steps towards compliance with this free eBook – and other useful resources. Your university on a journey on a journey Your university is on a journey with lots of ‘data subjects’. They’re […]

Government

  • Image of a large RTE sign at their HQ

    Microsoft Teams has quickly spread across the RTÉ campus

    Microsoft Teams has quickly spread across the RTÉ campus How an untapped resource in RTÉ helped dispersed teams collaborate and improve efficiency We recently worked with RTÉ to drive learning and collaboration. I was struck by how they have embraced Microsoft Teams and how they are now using it as a tool to drive information […]

  • Iceland runs on Trust

    How the cloud helped a small nation realise big ambitions

    In December 2015, the Icelandic government kicked off a digital infrastructure review. With more than 100 different suppliers managed by over 100 IT managers in each public institution, the brief was clear; to simplify operations and streamline IT for over 20,000 users. The solution: Fast forward two and a half years, and a decision was […]

Healthcare

  • Two female nurses having a virtual conversation through Microsoft Teams

    Belfast Trust: Reimagining patient care

    “There have been many heroic actions by our staff but we’re not heroes for what we’ve done – I’m just glad we could do our bit to help.” Paul Duffy, Co-Director of IT and Telecommunications at Belfast Trust, is talking about the monumental impact COVID-19 has had on the healthcare sector and how virtual consultations […]

  • The ‘Big Bang’ approach to digital transformation – and how to make it work

    The ‘Big Bang’ approach to digital transformation – and how to make it work

    These days there’s no such thing as ‘business as usual’. Change and disruption are the new normal. Just think of the changes affecting your organization right now, with new technology and techniques driving new attitudes and expectations from employees and customers alike. Everything is changing. And the one thing all those changes have in common […]

Manufacturing

  • Etex

    Etex uses modern tools to unite its business and better focus on customers

    When it comes to construction, all components must come together in a timely manner in order to produce the optimum product. While Etex, a Belgian building solution manufacturing company, helps make this a reality on a day-to-day basis, it wanted to find a way to enhance productivity and collaboration internally. With locations across more than […]

Retail

Discover more related articles per dossier:

Customer Stories

  • Fitness24Seven

    Fitness24Seven: Flexing new muscle with Intelligent Communications

    Fitness24Seven is one of Europe’s fastest growing fitness brands. But the company found itself needing to connect dispersed teams and improve information sharing. As Stefan Hult, Senior Consultant at Stratiteq explains: “each location was in their own little world. There was really no sort of connection across the entire company.” The solution: Simplicity and flexibility […]

Digital Transformation

Press

Security & Privacy

Tips

  • Top tips for smarter remote working with Microsoft Teams

    Top tips for smarter remote working with Microsoft Teams

    With remote working becoming the new normal for many, people are having to find different ways of effectively functioning as a team. Microsoft Teams is designed to keep colleagues productively connected and ensure that everybody can continue to work as collaboratively, efficiently and securely as in the office. So, whether you already use it or […]