It appears that working from home causes employees to develop some very bad cyber habits, demonstrating that cybersecurity hygiene went from bad to worse mid-pandemic.
We’d like to think we’re just as secure while working from home. But a new survey from 2FA vendor Yubico of 3,000 employees, business owners, and C-level execs across the UK, France and Germany shows some disturbing cyber hygiene trends while working from home.
According to the data, employees of all levels within the organization have been putting the business at risk:
- 54% of employees admitted that they use the same passwords across multiple work accounts
- 41% of business owners and 32% of C-level executives still remember passwords by writing them down
- 42% of users are using their work devices for personal use
- 44% of business owners and 39% of C-level executives said they perform personal tasks while on a work device at home
- Only 55% are more vigilant about cybersecurity while working from home
And the most shocking…
- 60% of employees say that they aren’t responsible for cybersecurity and that IT should handle all defenses
It’s this last one that really gets me. Organizations must establish a culture of cybersecurity to some degree, engaging employees to participate in the org’s security stance. The largest (and easiest) role a user can play is by putting Security Awareness Training to practical use every day – that includes both improving cyber hygiene as well as being more cautious when interacting with email and the web. With the expectation that more phishing attacks are coming, it’s critical to put the user in place as a line of defense today. This will result in a far more secure user, environment and organization.