A new survey has found that two out of every five employees in Ireland have experienced phishing, hacking, cyber fraud or other cyber attacks.
The research, which was carried out by Amarach, on behalf of Microsoft, also revealed that employees can often be a weak link, with a fifth admitting they write down their passwords.
Some 44% say that they recycle the same password across multiple applications and just 16% of employees have updated their passwords in the last 12 months.
The survey also found that a third have plugged a non-work USB drive or data storage device into their work machine. This poses a possible intellectual property loss or theft risk. According to Microsoft, 81% of data breaches last year arose from this practice.
A further risk is posed by employees who work from home using their home devices for work purposes. Half of those questioned acknowledged that they prefer to do this rather than their work device.
As a result of this, a quarter of these respondents say that they have accidentally shared work-related material with friends and family.
This survey also found that not only is there a risk around the use of home devices, but that one in three of those surveyed say they use their personal email for work-related storage or for storing customer data.
Despite the dangers of this, almost half of all public and private sector employees surveyed said they have received no security training in the last year.
This survey was conducted among 700 employees working in Irish businesses that have over 100 staff members.
The results also show that many people have been the victim of a data breach with just under one third of employees surveyed notified that their personal data had been compromised.
“Organisations must now ensure they are taking a considered approach to data security, and embrace new procedures and technologies, coupled with consistent training, enforced policies, along with better device upgrades to enable employees to deliver the productivity needed for successful transformation with a minimum of risk to the organisation,” said Des Ryan, Microsoft Ireland Solutions Director.
There are a wide variety of steps people can take to ensure their organisation’s data remains secure. These include appropriate security training, guarding against phishing and increasing security around passwords, including the consideration of the introduction of Multi-Factor Authentication.
It is also essential to maintain up-to-date software and back up data to the cloud.