Datapac and Sophos today announced the results of a survey which highlights alarming practices prevalent in Irish workplaces and significant concerns amongst Irish office workers in the ability of their employer to protect sensitive data.
The survey found only 42% of office workers completely trust their employers with their personal data, and just 47% completely trust their employers to securely protect customers’ data.
The survey of 500 Irish office workers found that one-in-five employees admitted to having kept their company password on a post-it note, 16% have shared a work password with a friend or family member, and almost one-third (31%) have shared their password with a co-worker.
Furthermore, 44% of respondents said they use three or less passwords to manage their entire digital presence - including both their work and personal online accounts.
According to the survey, employers also fall short when it comes to implementing best practice for password management, with 16% of office workers saying they have never been asked to change their passwords in the workplace.
The survey also revealed the prevalence of further poor practices when it comes to data access and control in Irish workplaces. It was found that 17% of respondents have accessed work documents and data from a previous job, and 14% have shared documents or data from a previous employer.
Despite the General Data Protection Regulation coming into force in May 2018, the survey also found that 41% of Irish office workers - amounting to more than half-a-million people - are yet to receive any form of GDPR training.
Additionally, more than half (54%) of office workers are not fully confident that their day-to-day activities in work, such as processing customer data, are GDPR compliant.
A significant number of respondents also indicated they have little knowledge of their organisation’s IT security policies and procedures when it comes to protecting data. Almost one-in-four (23%) admitted they have poor or no awareness of how to prevent data loss within their organisation.
Commenting on the research, General Manager at Datapac, Karen O’Connor said, "The lack of trust in employers’ ability to secure data is a worrying sign for both employees and consumers but doesn’t come as a complete surprise. As the GDPR deadline loomed last year, many organisations rushed to implement solutions without giving due consideration to what exactly they were trying to protect and why. As a result, a significant number of organisations don’t have the correct tools, training or knowledge in place and, as evident from the survey, have lost the trust of their employees when it comes to data protection."
She added, "For best practice, businesses are encouraged to take a step back - assess the data they process, understand the threats and risks as they pertain to their organisation, and then look to put the relevant controls in place. It is essential also that a mechanism exists to continuously review the effectiveness of those controls over time. This is driving the trend towards managed services that take this continuous approach."