Enterprise employees choose adult content, app downloads over security

Research suggests despite knowing otherwise, workers worldwide regularly ignore IT policies and place businesses at risk.


Business employees are regularly ignoring IT policies in order to surf adult content and download both suspicious attachments and unauthorized apps, a new report claims.

According to a new survey conducted by Blue Coat and Vanson Bourne, the rising number of cyberattacks levied against businesses is on the rise -- but employees are yet to tailor their behavior at work accordingly.

The majority of 1580 survey respondents worldwide said they understood the cybersecurity risks linked to downloading email attachments from unknown senders, viewing adult content, using social media and downloading unapproved applications, but this has not curbed their risk-taking when using corporate systems and mobile gadgets.

Across 11 countries, business employees admitted to accessing adult websites at work -- a veritable breeding ground of malware and malicious content. The survey found that Chinese employees were the worst offenders, with 19 percent of respondents admitting to surfing pornography at work. In total, 10 percent of Mexican workers said they have viewed adult content on work devices, and the UK was not far behind at nine percent.

Overall, six percent of the global workforce admitted to viewing porn through corporate devices.

"This risky behavior can leave both sensitive corporate and personal data open to being stolen and used immediately, stored for future use, or sold into a thriving black market where compromised corporate and personal identities are traded globally," Bluecoat says.

It is not just viewing pornography websites which can place devices and systems at risk of cyberattack. Criminals are known to use social engineering and research social media profiles for information which can be used to exploit a weak point in a corporate network, and phishing campaigns -- emails loaded with malicious attachments or links to malicious websites -- are a constant threat.

While companies such as PhishMe plan to launch programmes designed to teach employees how to detect phishing emails and avoid falling for them -- which can be catastrophic to a business network -- phishing campaigns are in a constant state of evolution and can be very difficult to detect.

Other survey highlights include:

  • 66 percent of respondents said using new apps without the IT department's consent is risky, and yet 26 percent admitted doing so. The UK was the most frequent offender -- with 33 percent admitting to this practice -- while 27 percent in Germany and 16 percent in France also said they have downloaded unauthorized apps.
  • One in five UK employees have opened suspicious email attachments, although 78 percent view it as a "serious" risk to business networks.
  • 41 percent of global respondents admit to accessing personal social media accounts at work.

Robert Arandjelovic, director of products for Blue Coat, EMEA commented:

"The dichotomy between the awareness and actions of the employees found in this research should trouble businesses all over the world. While IT professionals seek to prevent cyber-attacks occurring, their colleagues' behavior is jeopardising employers' cyber security and ultimately their jobs.

The consumerisation of IT and social media carry mixed blessings to enterprises. It is no longer feasible to prevent employees from using them, so businesses need to find ways to support these technology choices while simultaneously mitigating the security risks."

A new report from Juniper Networks suggests that data breaches will cost the global economy up to $2 trillion by 2019, with the US the most heavy-hit.