Most employees are hard-working, engaged, and eager to please in their roles.
Many go out of their way to do their jobs effectively, efficiently and as best as possible.
Yet, therein lies a potential threat.
How would you respond if you found out that your employees were the most significant contributors to poor security in the workplace? You’ll probably be astounded.
Employees can often view security policies as roadblocks to their progress. So instead of working with these protocols, many look for shortcuts to bypass them.
In a CEB study, around 90% of workplace policies are being violated by employees.
So why do employees behave in this manner? You’ll be surprised to know that this habit arises from needing to do their job quickly and efficiently.
Often referred to as “the path of least resistance”.
In a result-oriented workplace, employees are usually stressed and pushed to deliver their best. With the pressure of deadlines, meetings and everything else in between, employees start looking for ways that allow them to accomplish their tasks as quickly as possible.
At the end of the day, they’re producing results, right?
So, they see no harm in the way they are working. However, violation of workplace policies by employees harms the business. It also makes the risk of insider threats becomes higher.
The person’s intent is good, but the damage that their actions can be severe.
According to the UK Information Commissioners Office (ICO), human error is attributed to over 90% of cyber breaches.
Insider breaches arise because of human errors, but they may also result from wilful negligence or ignorance on the employee’s part.
Surprisingly, some employees are aware that their actions aren’t authorised. But as long as the work gets done quickly, taking the shortcut is acceptable to them.
And some employees are utterly oblivious to their behaviours and potential actions that most likely place their organisation to risk.
In my experience, most insiders want to do the right thing but fail to do so.
Here are three types of fallible insiders.
Example: IRS employee took home data on 20,000 workers at the agency
An IRS employee took a personal thumb drive home which contained the social security numbers, addresses, contact information and other sensitive data of over 20,000 people. This included data of all contractors and current and former workers of IRS.
Investigation showed that the device was used on the personal home network of the employee, which was not secure and placed the data at risk.
Luckily, the thumb drive was not used for malicious purposes, and no misuse of the data was found.
Even though IRS does have precautions and policies in place, the employee had chosen to overlook them so that they could work at home.
While looking at the intent behind the action helps you understand its motivation, it still doesn’t answer why your employees are making mistakes.
To get to the root of the problem, you have to look for the following signs of employee behaviour in the workplace to understand why they behave the way they do.
Is it because they:
All these actions can significantly influence how the employee performs, act, and conduct themselves.
According to Gallup’s State of The Global Workplace, only 15% of employees are engaged in the workplace.
Employee engagement reflects the involvement and enthusiasm of employees in their work and workplace.
Employees can become engaged when their basic needs are met and when they have a chance to contribute, a sense of belonging, and opportunities to learn and grow.
The high level of employee disengagement is psychologically unattached to their work and organisation. Because their engagement needs are not fully met, they’re putting time but not energy or passion into their work.
Every day, these workers potentially undermine what their engaged co-workers accomplish.
Every day, these workers place their organisation at risk due to their “detachment” to work.
Paying attention to your workforce
Data breaches occur because organisation management and executive are not paying enough attention to the workforce.
It is essential to strike a good balance with your workforce. If they are overworked and stressed, they will look for shortcuts to accomplish their tasks. Beyond that, they will most likely burn out.
In due time, they will most likely leave the organisation. And if it hasn’t already happened, they will cause intentionally or unintentionally security incidents. This scenario is a recipe for disaster.
How are you engaging with your employees? How are you making their job more involved? How are you supporting them? And how do you encourage greater cooperation, trust and teamwork within your organisation?