Office Workers Confess How They Let Security Slide

By Lisa Vaas  |  Posted 2007-12-13 Email Print this article Print

Office workers anonymously confess to security sins in handling sensitive data including Social Security numbers.

When office workers are asked to self-report anonymously on their work-related security behaviors and attitudes, a snapshot emerges that may make IT workers cringe.

The research, conducted in on-the-street surveys in Boston and Washington by RSA in November and published in a report titled "The Confessions Survey," (PDF) found that 53 percent of respondents who work for the private sector access work e-mail via a public computer such as at an Internet café, airport kiosk, hotel or the like. The same is true of 51 percent of government employees.

Sixty-eight percent of enterprise workers leave work carrying a mobile device—such as a laptop, smart phone or USB flash drive—that holds sensitive job-related information, including customer data, Social Security numbers or company financials. That's also true for 58 percent of government workers.

It's not that these people work for organizations that don't have security policies or training. In fact, 97 percent of those surveyed who work for the government report that they're familiar with IT security policy, as are 81 percent of enterprise workers. Of government workers, 92 percent say that their employers provide security best practices training, as do 69 percent of enterprise workers.

Rather than ignorance regarding proper security procedures, what the research reflects is that a substantial number of users—35 percent enterprise, 34 percent government—feel that they have to take security shortcuts to get their jobs done.

Unfortunately, that weakens security profiles. "These 'innocent' insiders can unwittingly initiate data exposures of extraordinary scope and cost through their ordinary, everyday behavior, whether through carelessness, working around security measures or following inadequate security policies," the report says.

Read the full story on eWEEK.

Lisa Vaas is News Editor/Operations for and also serves as editor of the Database topic center. Since 1995, she has also been a Webcast news show anchorperson and a reporter covering the IT industry. She has focused on customer relationship management technology, IT salaries and careers, effects of the H1-B visa on the technology workforce, wireless technology, security, and, most recently, databases and the technologies that touch upon them. Her articles have appeared in eWEEK's print edition, on, and in the startup IT magazine PC Connection. Prior to becoming a journalist, Vaas experienced an array of eye-opening careers, including driving a cab in Boston, photographing cranky babies in shopping malls, selling cameras, typography and computer training. She stopped a hair short of finishing an M.A. in English at the University of Massachusetts in Boston. She earned a B.S. in Communications from Emerson College. She runs two open-mic reading series in Boston and currently keeps bees in her home in Mashpee, Mass.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters