Corporate employees using unsecure apps for work: IBM

When it comes to security many corporate employees are willing to take the risk of using unsecured, third-party apps if it means making their job easier, a new IBM Security study found.
When it comes to security many corporate employees are willing to take the risk of using unsecured, third-party apps if it means making their job easier, a new IBM Security study found.

When it comes to security many corporate employees are willing to take the risk of using unsecured, third-party apps if it means making their job easier, a new IBM Security study found.

The study, which was released privately to SCMagazine.com, discovered that about 33 percent of Fortune 1000 employees regularly save and share company data to an external cloud-based platform that the company cannot track. When asked why they took the risk, the answer was simple. Convenience.

“While the majority (57%) of employees agree it is a violation of their company's security IT policies, they intend to continue using these external cloud-based applications, due to the benefits they present,” the report stated.

While Millennial workers were singled out by the study as particularly likely to fall into this trap, with 51 percent of this group found to be frequently using cloud services for work, IBM pointed out that even older workers are not immune.

“And despite the rise and severity of cyber-attacks, choosing convenience over security is prevailing in even the most sensitive of roles. Recently, for example, Hillary Clinton chose added convenience over airtight security in her role as Secretary of State, one of the most sensitive and classified positions in the world,” the report stated.

Compounding the problem is that many workers also link these cloud-based apps to their corporate log-in and password. This creates a bus-size hole in a company's cybersecurity defense that can be exploited by hackers, the study found.

The study did not point out whether or not a sea-change type event would prompt workers to stop using unauthorized apps, but Diana Kelley, executive security advisor for IBM Security believes companies will have to change, not the workers.

“Education and training around cybersecurity is one part of the equation, but eventually companies will need to change the conversation so that there is no more arguing about whether or not employees can use a certain app. Instead, they'll find ways to give employees a broader choice about which apps they use to do their jobs without compromising security,” Kelley said in an email to SCMagazine.com on Thursday.

Such a conversation will likely be welcome by rank and file workers as the IBM report found that 60 percent of those surveyed would use IT-approved cloud apps.

You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS