Security breaches are commonplace: survey reveals people weakest link

1 min read

Two out of three workers at Victoria Station gave complete strangers their system password when asked to in a survey about computer scruples at work. The majority of employees “give passwords to friends and colleagues”, are “willing to pass friends competitive information” and “download material on leaving”. Brian Tinham reports

Two out of three workers at Victoria Station gave complete strangers their system password when asked to in a survey about computer scruples at work. The majority of employees “give passwords to friends and colleagues”, are “willing to pass friends competitive information” and “download material on leaving”. The survey, undertaken by the organiser of next week’s Infosecurity Europe 2002 exhibition (23-25 April) and the newly formed ‘human firewall Council’, involved 150 office workers. Most were more than happy to tell interviewers their passwords, the most common of which was ‘password’. And many boasted the origins of their passwords. 64% said they had given their password to a colleague; 51% admitted they would download company information if asked to by a friend; 42% would be happy to tell their friends their company password. 54% would download contacts or competitive information to take with them on a job move – with clear implications for their employer’s intellectual assets and exposure to liability under the Data Protection Act. And if workers came across a file containing everyone’s personal details, 61% would look at it, although they were slightly more scrupulous about showing it to others in the office: 85% said they would keep it to themselves! 62% also admitted they had emailed colleagues illicit, unsavoury pictures or “dirty jokes”, believing that “everyone does it” – but thus exposing employers to litigation and loss of productivity. The “computer scruples at work” survey showed how lax workers are in general about password security, with an ignorant lack of awareness or care, when it comes to protecting their companies information. The survey exposes incredible naivety and ignorance. Employers need to instil in their people a culture of protecting information, with policies and training to support what is already expensive security technology. David Blackman, director of Pentasafe Security Technologies and founder of www.humanfirewall.org, says: “Chief Security Officers, who are primarily members of our council, know people are the weakest link, so these findings are no surprise. “As a pressure group we are doing everything we can to educate, campaign and learn from good practice to ensure that people are security conscious and respect their employers information.”