New research coming from Dell sounds the alarm on unsafe practices within the enterprise.
Reports this week said Dell released its End-User Security Survey, which explores data security practices within corporations, and found evidence that employees are often putting their companies at risk. According to the survey, 72 percent of professionals said they are willing to share sensitive, confidential or regulated information.
Forty-three percent of those professionals said they would share that data on request of a manager. More than a third said they would share the information to someone authorized to receive it, and more than a fifth said they would share the information if they believed the risk to their company was low and the benefit of sharing it was high, according to Dell.
Despite good intentions, Dell Vice President of Endpoint Data Security and Management Brett Hansen warned these practices aren’t safe.
“When security becomes a case-by-case judgment call being made by the individual employees, there is no consistency or efficacy,” he said. “These findings suggest employees need to be better educated about data security best practices, and companies must put procedures in place that focus first and foremost on securing data while maintaining productivity.”
Other reasons employees gave for sharing confidential or sensitive company data include the belief that sharing that information would help them boost efficiency of their jobs, or boost efficiency of the jobs of the data recipient.
Nearly half of professionals told Dell that they knew they had engaged in some type of unsafe data exchange, whether through using public Wi-Fi to access sensitive company data, personal emails or losing a device issued by their employer. More than a third noted that it is a common practice for them to take sensitive company data along with them when they leave their place of work, and 56 percent said storing sensitive data on cloud-sharing services like Dropbox and iCloud is a common practice.
Just 3 percent told Dell that their questionable data-sharing practices were a result of malicious intent.