The survey’s key finding was that fully 35 percent of employees report that it’s common to take proprietary company information on leaving their firm.
As bad as that is, the rest of the statistics in Dell’s survey were even worse, with 36 percent of employees regularly opening emails from unknown, untrusted sources, which make them extremely susceptible to phishing attacks.
Forty-five percent of employees admit to engaging in behaviors they know to be unsafe from a cybersecurity standpoint, including using personal email accounts for work, misplacing company-issued devices and connecting to public WiFi to access confidential or proprietary information.
In addition, 72 percent of employees reported being willing to share proprietary, sensitive or confidential information under certain circumstances.
All of this paints a stark picture of a problem with no easy solution.
It’s easy, for example, to say that better employee education is the answer, except that while the exact scope and scale of the problem may not have been known before, it’s certainly no secret that phishing attacks aimed at rank and file employees have been a longstanding problem. To this point, few companies have bothered to attempt to better educate their employees.
Worse, the few that have haven’t seen much of an improvement.
In a similar vein, it would be easy to make the blanket statement that having a robust data policy in place would go a long way toward alleviating the problem. However, talking about it and actually developing and implementing such a policy has, at least to this point, proven to be a daunting undertaking.
The old adage is true: your employees are simultaneously your greatest asset, and your company’s biggest threat.