Over half of organizations expect remote workers to be a data breach vector
- Published: Friday, 24 April 2020 08:48
More than half (57 percent) of UK IT decision makers believe that remote workers will expose their organization to the risk of a data breach, according to an annual survey – conducted between 25 and 27 March 2020 – commissioned by Apricorn. This figure has steadily increased from 44 percent in 2018 and 50 percent in 2019. The rise could reflect a corresponding increase in the number of people working remotely, or an enhanced awareness of the risks of doing so as the UK's workforce began to follow government guidelines to work from home.
In 2019 almost half of respondents (47 percent) admitted that their remote workers had already knowingly put corporate data at risk of a breach in the last year; this has now dropped slightly to 44 percent. Apathy continues to be a major problem, with just over a third (34 percent) of IT leaders saying their remote workers simply don’t care about security – exactly the same percentage as last year – which suggests that organizations are struggling to get employees to buy into the security strategy.
Organizations have increasingly recognised the importance of endpoint control as remote working has become more prevalent. Nearly all (96 percent) mitigate the risks of BYOD (bring your own device) with a security strategy that covers employees’ use of their own IT equipment out of the office. Of those, 42 percent only allow the use of devices that have been provisioned or approved by IT, and enforce this with strict security measures. This is a significant rise on 2019, when just over 1 in 10 (11 percent) did so.
This change is crucial says Apricorn given that lost or misplaced devices is now the second biggest cause of a data breach – cited by almost a quarter of respondents (24 percent), up from 17 percent a year ago. Employees unintentionally putting data at risk remains the leading cause (33 percent), with third parties mishandling corporate information cited as one of the main causes by 23 percent.
Despite this, the majority (87 percent) of UK IT decision makers agree that their organizations’ remote workers are aware of cyber security risks and practices, and follow required policies at all times.
When it comes to the challenges of implementing a cyber security plan for remote working, almost a fifth of IT decision makers (19 percent) say managing all the technology employees need is the biggest problem, a drop from 30 percent in 2019, which suggests that organizations are getting a handle on the complexity involved in the technology aspect. In addition, fewer IT leaders believe that difficulties with GDPR compliance is the biggest problem with mobile working: 16 percent agreed, compared with 20 percent in 2019, suggesting that this aspect may have been less of a challenge than they originally anticipated.
About the survey
The research was conducted between 25.03.2020 - 27.03.2020, by Censuswide. Respondents were 100 UK IT decision makers (CIOs, Heads of IT, IT directors, Senior IT managers etc.) from enterprise organizations (1000+ employees) within the financial services, IT, manufacturing, business and professional services sectors. Censuswide abides by and employs members of the Market Research Society which is based on the ESOMAR principles.