New Study Uncovers Device Usage and Views of Security by Education Employees Could Lead to Cyber Risks
- 73% of education workers value their personal privacy over company security.
- 26% of education workers allow their family members to use their work devices.
- Only 26% of education workers use a password management tool and 67% admit to choosing passwords that are easy to remember.
Remote learning during the pandemic has turned the education industry into a technology industry. But while the government poured money into schools to accelerate remote learning, cyber security and security awareness have not been a top priority. According to a new study, 42 percent of employees in the education industry admit to finding ways to work around security policies, and 77 percent value their personal privacy over company security. The study also proves that password hygiene among employees is risky, onboarding of new employees is inefficient, and Shadow IT is out of control.
“Shadow IT is out of control in Education. People are mixing up their work and personal devices, using apps that were not approved by IT and working around their organization’s security policies,” said Denis O’Shea, founder of Mobile Mentor.
The report, which was commissioned by Mobile Mentor and fielded by CGK, is an inaugural study that examines The Endpoint Ecosystem as the key to understand how employees perceive privacy, productivity, and personal well-being in the modern workplace. The study defines the Endpoint Ecosystem as the combination of all the devices, applications and tools plus the employee’s experience using that technology. The study presents a groundbreaking look at the tradeoffs between security and employee experience that every employer must face.
“It breaks my heart to see how cyber criminals have targeted schools and universities during the pandemic – as if they didn’t have enough to deal with,” said Denis O’Shea, founder of Mobile Mentor. “Password hygiene is a bigger problem than we thought. I was shocked to see that 31 percent of people write their work passwords in a personal journal and most people admit to choosing passwords that are easy to remember.”
The study illustrates that the Endpoint Ecosystem defines an employee’s journey from the day they begin their job and includes the onboarding process, all the way to the last day when their accounts are being revoked. Navigating trade-offs between endpoint security and employee experience has always been challenging but it has become critical in this post-pandemic world.
“Shadow IT is out of control in Education. People are mixing up their work and personal devices, using apps that were not approved by IT and working around their organization’s security policies,” O’Shea added.
HR Technology News: Talent Leader Hallie Bregman, PhD, Joins WorkLLama Advisory Board
The study also highlights the following findings specific to the education industry:
- Passwords are poorly managed and are a huge liability. Only 26 percent of education workers use a password management tool. Thirty-one percent of employees write their work passwords in a personal journal and 67 percent admit to choosing passwords that are easy to remember.
- Shadow IT is out of control. Employees are routinely using unapproved apps for work activities that may contain sensitive data. More than 46 percent of employees say security policies are restrictive and 42 percent admit to finding ways to work around security policies. Fifty-seven percent of workers believe they are more efficient using non-work apps like Dropbox and Gmail.
- The employee onboarding process is clunky. It takes an average of three days to set up a laptop for a remote employee and requires more than three technical support calls. Employees are not happy. Only 17 percent of education workers are very satisfied with IT support.
- Security policies are not seen or noticed by education workers. Less than half of respondents see a security policy every time they log on to their computer and about 20 percent say they can’t remember ever seeing a security policy.
- The risk of personal device use has not been resolved in education. Eighty-nine percent of employees use a personal device for work but only 47 percent of those devices are securely enabled.
- Seventy-seven percent of people in education believe their personal privacy is more important than school security.
In late 2021, Mobile Mentor commissioned CGK to field the study of 1,500 employees across four high-risk and highly regulated industries: healthcare, finance, education and government. Employees were located in the United States and Australia. Each interview consisted of 25 questions to understand how employees are using devices in a post-pandemic world. The goal of the study is to gather data to educate and inform employers how devices in their industries are being used, how to prevent security breaches, and how to best support productive employees.
HR Technology News: HR Technology Highlights – HR Tech Daily Round-Up For 24-Feb-2022