Less than half of Irish office workers completely trust their employers to protect customers’ data
Dublin, 28th February 2019 – Datapac and Sophos today announce the results of a survey which highlights alarming practices prevalent in Irish workplaces and significant concerns amongst Irish office workers in the ability of their employer to protect sensitive data. The survey1 found only 42% of office workers completely trust their employers with their personal data, and just 47% completely trust their employers to securely protect customers’ data.
The survey of 500 Irish office workers was carried out by Censuswide on behalf of Datapac, Ireland’s leading technology solutions and services provider, and Sophos, a global leader in network and endpoint security.
Password Management Practices
The survey also discovered some worrying trends when it comes to password management practices in the workplace. One-in-five employees admitted to having kept their company password on a post-it note, 16% have shared a work password with a friend or family member, and almost one-third (31%) have shared their password with a co-worker. Furthermore, 44% of respondents said they use three or less passwords to manage their entire digital presence – including both their work and personal online accounts.
According to the survey, employers also fall short when it comes to implementing best practice for password management, with 16% of office workers saying they have never been asked to change their passwords in the workplace.
Dermot Hayden, Ireland country manager, Sophos, commented: “It’s a wake-up call for employers to see how common it is for employees to share their password with others both inside and outside the organisation. Careless behaviour with passwords can easily lead to damaging security breaches and it is important for employers to take the lead on this issue by ensuring adequate processes and controls are in place to protect their business.”
Karen O’Connor, General Manager, Datapac, added: “The appropriateness of an organisation’s password policy and the effectiveness of its implementation are core to risk mitigation within an organisation. Services such as vulnerability testing and threat intelligence monitoring can help identify potential compromises and aid with continuous compliance auditing.”
Data protection and GDPR
The survey also revealed the prevalence of further poor practices when it comes to data access and control in Irish workplaces. It was found that 17% of respondents have accessed work documents and data from a previous job, and 14% have shared documents or data from a previous employer.
Despite the General Data Protection Regulation coming into force in May 2018, the survey also found that 41% of Irish office workers – amounting to more than half-a-million people2 – are yet to receive any form of GDPR training. Additionally, more than half (54%) of office workers are not fully confident that their day-to-day activities in work, such as processing customer data, are GDPR compliant.
A significant number of respondents also indicated they have little knowledge of their organisation’s IT security policies and procedures when it comes to protecting data. Almost one-in-four (23%) admitted they have poor or no awareness of how to prevent data loss within their organisation.
Karen O’Connor continues: “The lack of trust in employers’ ability to secure data is a worrying sign for both employees and consumers but doesn’t come as a complete surprise. As the GDPR deadline loomed last year, many organisations rushed to implement solutions without giving due consideration to what exactly they were trying to protect and why. As a result, a significant number of organisations don’t have the correct tools, training or knowledge in place and, as evident from the survey, have lost the trust of their employees when it comes to data protection.
“For best practice, businesses are encouraged to take a step back – assess the data they process, understand the threats and risks as they pertain to their organisation, and then look to put the relevant controls in place. It is essential also that a mechanism exists to continuously review the effectiveness of those controls over time. This is driving the trend towards managed services that take this continuous approach.
The end-user threat will always be present but regular vulnerability testing, along with well thought out access rights management solutions, can help to mitigate risks. Ultimately, it’s about ensuring only the right people have access to the right data at the right time.”
To find our more about IT Security Services and Solutions from Datapac click here
1The online survey of 500 Irish office workers was carried out by Censuswide on behalf of Datapac and Sophos.
2 Figure based on total number Irish office workers as according to Q3 2018 statistics from the CSO.
Sophos is a leader in next-generation endpoint and network security, and as the pioneer of synchronized security develops its innovative portfolio of endpoint, network, encryption, web, email and mobile security solutions to work better together. More than 100 million users in 150 countries rely on Sophos solutions as the best protection against sophisticated threats and data loss. Sophos products are exclusively available through a global channel of more than 30,000 registered partners. Headquartered in Oxford, UK, Sophos is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at www.sophos.com
Register for upcoming events
"At Barretstown, we rebuild the lives of children, and their families, affected by childhood cancer and other serious illnesses. We serve 5,000 campers a year and have 1200 volunteers each year. Communication is crucially important and Datapac has helped us to streamline, improve and ensure efficiency."
"Datapac has provided us with a fantastic product and world-class levels of service and support. Whenever people ask me about our experience with Datapac I’m always ready to sing their praises and I would happily recommend their services to any organisation."
"For many years Datapac has been our sole supplier for the maintenance of Personal Computers and Peripherals in Ireland. Through their Service Centres in Wexford and Dublin, Datapac provides excellent support to our businesses throughout the country and consistently meets the SLA targets which we have set. The skill, expertise and experience of their engineers and other technical support personnel are of the highest standard."
“The value of dealing with an HP Gold partner in this process can’t be underestimated. Datapac provide us with a local touch and can cover the full range of our IT requirements, but when there is a specific technical requirement like this, they can bring the specialist technical resources of HP to the table. HP and Datapac had a thorough discussion with us around our requirement - and had really done their homework - and then were able to provide us with a very highly specified test platform for us to prove the application on before we committed to purchase.”
Datapac understands our needs and requirements and has the expertise and experience to follow through on all our requests. Our constant need to reduce costs has been assisted by Datapac's ability to suggest alternative solutions and methods whilst improving both efficiency and productivity. Our partnership with Datapac is akin to having an IT department on site that we simply could not provide ourselves.