Research from the IT solutions company Unisys in the 2021 Unisys Security Index has found most Australians overlook key steps to protect sensitive data while working from home, putting their employer at risk.
Interestingly the 2021 USI revealed:
• 40% of Aussies say it is not their responsibility to protect sensitive data while working from home
• Almost half (46%) say it is their employer’s responsibility to protect their data
• 43% admit they have downloaded or installed software, mobile apps, or programs for work purposes, which their IT department had not authorised or approved
• 32% admitted to downloading apps for entertainment or personal use
Gergana Winzer, Industry Director of Cybersecurity, Unisys Asia Pacific, warns while Australians say they are responsible for keeping their own data safe and secure while working from home, many are not aware of common cyber security risks.
The same research showed 4 in 10 Aussies would still click on a suspicious link in a text message, email or social app, and a whopping 73 per cent don’t know where to report a scam if they were to fall, victim.
Gergana suggests employers should take a proactive approach with their employees to understand what unauthorised apps are installed and why.
“Is it a gap in tools required to perform a job? Or is it because employees aren’t aware of the functionality of approved apps, or are they simply reluctant to change from what they are familiar with? Measure the adoption of approved tools – including usability and experience – to work out how to make them irresistible, to negate the temptation or need for individuals to install unauthorised software,” advised Ms Winzer.
As almost 90 per cent of Australian businesses are SMBs, Gergana believes organisations should not be focusing only on employee education.
“Education is only part of the solution – it must be repeated and continually updated to ensure people are alert to new sophisticated threats. Humans will still make bad decisions – accidentally or intentionally. Organisations also need a holistic approach to security that also includes processes, policies and technologies to make it extra hard for people to do the wrong thing,” says Gergana.