Cybersecurity is a crucial part of anybusiness, but new research shows employees are overwhelmingly trying to skirtonline precautions to access blocked websites or services.

|

One report from Dtex Systems says 95 percent oforganizations have employees trying to get around security measuresin their workplace.

|

The report says these employees were using virtual privatenetworks (VPNs), surfing the web anonymously through browsers,and/or using a hacking program like Metasploit, which tests systemvulnerabilities. Many employers put these parameters in place forproductivity reasons, and this research proves employees aregetting smarter about how to bypass these measures.

|

The Dtex report also finds that security breaches in companiesare largely the result of employees, with 60 percent of breachescredited to insiders. Of those insider breachers, 68 percent aredue to neglect, 22 percent are malicious attacks and 10 percent arecaused by stolen credentials.

|

One of the alarming insights from these insider breaches has todo with employees storing information on cloud services, anincredibly popular way to saving data these days. Sixty-fourpercent of companies found corporate information publicly availableonline, because it was sourced from a cloud service. A large numberof employees, 87 percent, are using their personal, web-based emailaccounts on company computers and devices, which opens up companydata to hackers.

|

Outside of neglectful online practices, the report also findsinappropriate internet use among employees in the workplace. Almost60 percent of companies surveyed found employees accessingpornographic material during work hours, and 43 percent partakingin online gambling.

|

Another study from Willis Towers Watson, an advisory company,released a survey with very similar findings. Their study shows two-thirds of a company’scyberattacks are a result of employee negligence or maliciousactivity, and only 18 percent of cyberattacks are the result ofexternal breaches.

|

When it comes to protecting company information, it is veryimportant to focus on human resource data and applicant trackingdata. This type of information is the focus for many hackers,because selling personal information is lucrative on the blackmarket.

|

The personal information in HR systems include social securitynumbers, bank information and other data hackers can sell to stealidentities. And hackers can get a whole crop of this information ifthey get access to an entire HR database, making these a veryvulnerable place when it comes to company cyber security.

|

Kimberley Smathers, the director of information security and compliance at Jobvite, lays out a few ways to ensure HR data is safe.One thing to ask hosting services in charge of HR data is wherethey host their data. If it’s in the cloud, an increasingly popularchoice, make sure they take other precautions to protect thisdata.

|

To ensure these precautions will happen, she suggests asking ifthe hosting service has any certifications. If the provider has acertification, this means an independent auditor verified them ascredible, and that’s something a company wants when it comes toensuring security.

|

These tips are for protecting against larger threats, but asthese various reports show, most security issues come from humannegligence.

|

HR Dive looked into ways companies can encourage better security habitsamong its employees to avoid phishing and spoofing attacks.

|

One of the suggestions from cybersecurity expert Michael Overly,partner at Foley & Lardner, is to know how your employees arestoring data. How are people storing, working on and deleting data?Once this is established, IT experts can put in place the correctencryption and security options in place.

|

Overly also suggests monitoring activity, and noticing ifemployees are logging on at strange times or for prolonged periods,and checking to see what they are working on. Monitoring socialmedia use and software downloads also helps protect company datafrom outside hackers.

Complete your profile to continue reading and get FREE access to BenefitsPRO, part of your ALM digital membership.

  • Critical BenefitsPRO information including cutting edge post-reform success strategies, access to educational webcasts and videos, resources from industry leaders, and informative Newsletters.
  • Exclusive discounts on ALM, BenefitsPRO magazine and BenefitsPRO.com events
  • Access to other award-winning ALM websites including ThinkAdvisor.com and Law.com
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.