Image of a woman on her laptop in a coffee shop

Three Reasons Poor Employee Security Habits Expose Public and Private Sector Organisations in Ireland  

Des Ryan

Des Ryan

Solutions Director

Read Time, 4 min.

Three Reasons Poor Employee Security Habits Expose Public and Private Sector Organisations in Ireland  

Kevin Mitnick, the famous hacker once said, “What I found personally to be true was that it’s easier to manipulate people rather than technology.”

Digital transformation is enabling and transforming organisations, driving everything from employee productivity, to the ability to be able to work remotely. However, in the drive to transform, Irish organisations are leaving themselves vulnerable to major security risks that can lead to data and revenue loss as well as significant damage to a company’s reputation. They forget to keep their employees up to date in terms of security training and awareness.


Microsoft Ireland today launched research on security within public and private sector organisations across the island of Ireland to get a better understanding of the security habits of employees within Ireland’s largest organisations. The research looked at what gaps were emerging that could be exploited by hackers or lead to a data breach.


  1. Poor password hygiene could lead to a payday for Cyber criminals


One major finding is that passwords have become too easy to guess or steal. Nearly a quarter (22%) of Irish employees write down their passwords, with 77% of employees relying on their memory for their work and personal passwords.


When it comes to password hygiene, 2 in 5 recycle both their work and personal passwords. The study also found that people do not update passwords regularly, with only half of respondents claiming to update their passwords only once a year or less.


With employees using the same weak passwords across dozens of different accounts across their work and home life, a stolen password could be hugely lucrative for criminals. One way to combat this is through biometric verification, which 3 in 5 employees would welcome as an alternative to workplace passwords.


  1. Employees working from home are more likely to engage in risky security activities


Improved workplace technology and more reliable broadband speeds have made working from home more accessible than ever. While the ability to be more flexible in the workplace has been welcomed by many, the research discovered that employees working from home are much more likely to engage in risky security activities.


Nearly half (49%) of those working from home at least once a week used their personal email account for saving, editing, sending, or sharing work-related documents, with 24% revealing that they accidentally shared work-related material with friends and family.


A quarter of those working from home at least once a week admit to having friends or family access work devices at home, which may violate data policies from their organisation. This is concerning when 56% of respondents reported they work from home, and almost half of these have no restrictions on document access when working from home.


Another worrying finding for Irish organisations is that 25% of those surveyed admitted plugging a USB thumb drive that wasn’t from their company into their work device, 12% connected back-up drives, and 5% connected a smartphone that didn’t belong to them. This increases the chances of employees compromising their identity – with Microsoft previously reporting that 81% of major data breaches last year could be traced back to this issue alone.


  1. Many have already fallen victim to hackers


With the research pointing to several areas of potential vulnerability for organisations it is unsurprising to learn that 30% of employees surveyed have been notified about a breach of their personal data. As well as this, 44% have experienced problems with phishing, hacking, cyberfraud or other cyberattacks happening in either their personal and professional lives.


As in the popular TV show, Mr Robot, the Hacker Elliot Alderson concluded that “humans make the best exploits” so organisations failing to factor employee behaviour into their security strategy could see security plans fail.


As part of its on-going efforts to drive better security for organisations, Microsoft invests $1bn each year in security, it analyses more than 6.5 trillion signals daily, processes 630 billion authentications monthly, and scans 470 billion e-mails for malware and phishing monthly.


In addition, Microsoft has launched two new security solutions – Microsoft Identity & Threat Protection and Information Protection & Compliance to help companies achieve their security and compliance goals.

Microsoft offers security products to both private and public sector organisations, leading with Microsoft 365 E5 which provides customers with the most extensive productivity and advanced security solutions. To answer the growing need for security and compliance solutions in an age of increasingly sophisticated cybersecurity threats, as well as complex information protection needs due to regulations like GDPR, Microsoft has now launched two new identity and compliance solutions, called Microsoft Identity & Threat Protection and Information Protection & Compliance, designed to provide customers with simpler purchase, deployment, and adoption. They are based on the Intelligent security Graph, which continuously provides the latest information about cyber security attacks and provides “up to date” security. Click here for more information about Microsoft’s security solutions.


Des Ryan

Director of Specialist Technology Units



Download our latest research on the cyber security climate in Ireland

How new threats and the same bad habits pose serious risk to your organisation.

Discover more related articles per industry:


  • A guide to GDPR for universities

    A guide to GDPR for universities

    With the EU’s new General Data Protection Regulation coming into effect on May 25, understand how universities like yours can take the right steps towards compliance with this free eBook – and other useful resources. Your university on a journey on a journey Your university is on a journey with lots of ‘data subjects’. They’re […]

  • Make remote learning work better for everyone. Find out how.

    Make remote learning work better for everyone. Find out how.

    Since the COVID-19 outbreak first hit China, our education customers in the country have done amazing things to keep students engaged while they transition to remote learning. From eLearning innovations, to keeping students’ spirits high with photo and cooking challenges – teachers and students have shown extraordinary resilience during this difficult time. Now, as the […]




  • Etex

    Etex uses modern tools to unite its business and better focus on customers

    When it comes to construction, all components must come together in a timely manner in order to produce the optimum product. While Etex, a Belgian building solution manufacturing company, helps make this a reality on a day-to-day basis, it wanted to find a way to enhance productivity and collaboration internally. With locations across more than […]


Discover more related articles per dossier:

Customer Stories

  • three women gathered around a Microsoft Surface

    How Belfast Healthcare & Social Care Trust is Digitally Transforming

    Digitally Connecting Vulnerable Patients to Care Facilities Partnering with Microsoft to help dedicated staff save valuable hours to put into care Belfast Health and Social Care Trust is one of the UK’s largest integrated health and social care providers with over 20,000 employees supporting a population of 340,000 service users. It faced the increasing challenge […]

Digital Transformation

  • Iceland runs on Trust

    How the cloud helped a small nation realise big ambitions

    In December 2015, the Icelandic government kicked off a digital infrastructure review. With more than 100 different suppliers managed by over 100 IT managers in each public institution, the brief was clear; to simplify operations and streamline IT for over 20,000 users. The solution: Fast forward two and a half years, and a decision was […]


Security & Privacy

  • 4 Steps to GDPR compliance with Microsoft SQL Server

    4 Steps to GDPR compliance with Microsoft SQL Server

    Is your organization prepared for the General Data Protection Regulation (GDPR)? If you do business in Europe, you’ll need to be aware of this new privacy law and take a fresh look at how your company gathers, uses, and governs data – and soon. The GDPR comes into effect on May 25, 2018. To help […]


  • Are you making the most of Microsoft Teams while working remotely?

    Are you making the most of Microsoft Teams while working remotely?

    There are many reasons and requirements for remote work. We created Microsoft Teams to help you stay connected with your teams and ensure you can continue working collaboratively and efficiently when working remotely. Here are a couple of tips to help you get the best from Microsoft Teams while working remotely: 1. Meet more efficiently […]