The two most dangerous IT security sins, that everyone does

Employees are putting business data at risk with their email and file sharing habits. This is among the findings of the latest survey by email encryption specialist DataMotion.

Although companies are increasingly putting security and compliance policies in place nearly 44 per cent of respondents admitted that these are only moderately enforced at best.

In addition more than three-quarters of respondents said they believe employees at least occasionally violate their company’s compliance and security policies. More than one in five said those who do so are aware of what they are doing, but violate the policy anyway to simply get their job done.

"Though the survey shows us there is year-over-year growth in the number of companies putting security and compliance measures in place, the widespread security risks occurring are of great concern," says Bob Janacek, chief technology officer at DataMotion. "Particularly at a time when a number of organisations - both large and small - have experienced serious data breaches, it is essential that companies have strong security and compliance policies in place and that they ensure their employees fully understand and diligently follow them".

Other findings from the survey show that 30 per cent of respondents don't have the ability to encrypt email. Nearly 86 per cent of respondents said their organisation permits the use of mobile devices for email. However, of those who have the ability to encrypt email and allow email use on a mobile, almost 36 per cent can't send and receive encrypted email directly from their mobile email client.

Smaller organisations are more at risk when it comes to mobile with 47.4 per cent stating email encryption was not enabled on their mobile clients, versus 30.9 per cent for large organisations.

The results show a lack of confidence too with more than half believing it was likely their company would be selected for a compliance audit within the next year. Yet, nearly 60 per cent admitted they are, at most, only somewhat confident they would pass this type of audit.

The full report is available to download from the DataMotion website.

Image Credit: Balefire/Shutterstock