New Study Reveals Employee Behavior Exposes Security Risk, Despite Education
DENVER — December 3, 2015
Ping Identity®, the leader of Identity Defined Security, today announced results of the Ping Identity 2015 Online Identity Study, which reveals that the majority of enterprise employees are not connecting the dots between security best practices they are taught, and behavior in their work and personal lives. To help CIOs better understand how their workforce is accessing and securing data, Ping Identity surveyed 1,000 employees at U.S. enterprise organizations (classified of having more than 1,000 employees).
The study provides numbers behind the issues enterprises are challenged with in the age of digital transformation. The line between personal and professional use of apps and devices continues to blur, and while employees claim to prioritize online security, the data shows they are struggling to consistently follow best practices and take accountability for their actions. In the event of a data breach, most employees say the blame would fall on IT and not on their own risky behavior.
“Employees are doing some things really well to keep data secure, like creating unique and difficult-to-guess passwords, but are then reusing passwords across personal and work accounts or sharing them with family or colleagues,” said Andre Durand, CEO of Ping Identity. “No matter how good employees’ intentions are, this behavior poses a real security threat. IT continues to shoulder the burden of enabling mobility in a secure manner and educating employees on safe online behavior, but those efforts are falling short, too. This is a defining moment for CISOs and CEOs, and tackling these pervasive disconnects will require both to come together to rethink how they ensure that the right people have access to the right data from any device, no matter where they are.”
Account Login Credentials are Priceless for Some, but Not All
The results revealed that while enterprise employees claim to prioritize online security and understand risky versus safe behavior, they fail to follow best practices consistently. Unsafe password practices were particularly noteworthy given the high value respondents place on their passwords.
Employees Give IT Teams High Marks for Password Security, Yet Blame Them for Breaches
The survey respondents credit IT for implementing good or excellent password policies and enforcement. However, they also lack confidence in the IT department’s efficacy in preventing data breaches. In the event of a data breach, most employees say the blame would fall on IT rather than their own personal risky behavior.
For more details on the Ping Identity 2015 Online Identity Study, access the infographic here. For a lighthearted view of the daily online security sins people commit, visit Ping Identity’s Deadly Security Sins videos series here.
Ping Identity surveyed a representative sample of U.S. adults who work either part time or full time at businesses with more than 1,000 employees to learn about their perception and experiences with personal and corporate security. The web-based survey was fielded October 23-27, 2015 with a sample size of 1,016 (Margin of error +/- 3.1 percent at a 95 percent confidence level).
About Ping Identity | The Identity Defined Security Company
Ping Identity is the leader in Identity Defined Security for the borderless enterprise, allowing employees, customers and partners access to the applications they need. Protecting over one billion identities worldwide, the company ensures the right people access the right things, securely and seamlessly. More than half of the Fortune 100, including Boeing, Cisco, Disney, GE, Kraft Foods, TIAA-CREF and Walgreens, trust Ping Identity to solve modern enterprise security challenges created by their use of cloud, mobile, APIs and IoT. Visit www.pingidentity.com.
Ping Identity Contacts
Ping Identity Corporation
Follow Us on Twitter: @PingIdentity
Join our LinkedIn Group: Ping Identity Cloud
Subscribe to our YouTube Channel: PingIdentityTV
Like Us on Facebook: PingIdentityPage