Senior Managers are the Biggest Risk to Security in the Workplace

• 1 in 4 senior managers have experienced a stranger on their conference call
• 1 in 10 senior managers don’t password protect their work mobiles and 30% don’t lock their computer screens when away from their desk
• 26% of employees that have access to customer data haven’t been trained on GDPR
• Over a third of employees don’t know where their security policy is saved
• Almost half of employees admit to using technology tools to communicate at work without them being password protected

New research by 247meeting has uncovered worrying lapses in workplace security, with senior management often being the biggest culprits.

Over a third of employees don’t even know where to access their company’s IT security policy and just 13% are confident that they remember all of it.

This is especially worrying given that GDPR came into effect mere months ago and 1 in 4 employees who have access to customer data admit they haven’t been trained on GDPR, despite the huge potential fines for their company.

1 in 4 senior managers have experienced a stranger on their conference call and almost a third are using the same password for email and external websites, despite the risk this poses to their company.

A quarter of senior managers have confessed to sharing their conference call PIN information with other colleagues regardless of the fact they admit to discussing employee grievances and sensitive business issues on their calls.

Gavan Doherty, CEO at 247meeting discusses these risks: “While sharing a conference call PIN may not seem to be very risky, it can be the start of a major security breach. Junior staff aren’t experiencing strangers on their calls, because they aren’t sharing their PINs.”

The top five industries that haven’t been trained on GDPR:

1. Hospitality and Events Management (55%)
2. Media and Internet (45%)
3. Marketing, Advertising and PR (44%)
4. Engineering and Manufacturing (41%)
5. Property and Construction (40%)

Permanent remote workers are the least likely to have been trained on GDPR.

Almost half of employees admit to using technology tools to communicate at work without knowing whether they are all password protected. The top three technology-based tools being used for work communication:

1. Skype (33%)
2. Google Docs (23%)
3. Slack (10%)

Almost a third (31%) of senior managers confess to not locking their computer while away from their desk, despite the sensitive information they are sure to have access to.

40% of millennials are using WhatsApp to talk about work issues compared to only 1 in 10 employees aged 55 and over using the app, potentially leaving some older workers left out of conversations

The main social channels that employees are using to discuss work related issue are:

1. WhatsApp (27%)
2. SMS (21%)
3. Facebook Messenger (18%)
4. Facebook (17%)
5. Twitter (8%)
6. Instagram (6%)
7. Snapchat (4%)

Gavan Doherty says: “It isn’t easy keeping the security of a company at the forefront of employees’ minds, but by saving the policy on each computer and reminding them how important it is to follow simple steps like locking your computer or not sharing your conference call PIN can save security breaches. Even having refresher training or tests just twice a year can make a difference.”

The top 10 industries least likely to know where their security policy is saved:

Gavan Doherty, continues: “We were initially shocked that so many senior managers had experienced a cyber-attack or data breach, yet since they were the ones more willing to share conference call PINs and leave their computers unlocked when not at their desk, the results aren’t that surprising.

“In light of the GDPR laws I think it is important for all companies to be reminded that customer data as well as company data needs to be protected by employees by doing these simple practices.”