That's the case for the nearly 1 in 5 (19%) U.S. employees working in an office setting who admit they have opened an email at work they suspected to be fake or a phishing scam – without notifying the IT department – according to the results of a survey conducted online in May and June in the United States by Harris Interactive on behalf of Courion® Corporation.
This ignorant and self-destructive behavior, which puts the entire enterprise in jeopardy, points to a critical need for organizations to better educate staffers who don't understand the risks their actions can pose. Want more evidence employees need better education? Nearly 1 in 4 (23%) office workers don't understand why their employer makes them change passwords so often.
"These are otherwise intelligent people who, if informed about the potential consequences of their actions, would do the right thing," said Chris Sullivan, vice president, advanced intelligence solutions at Courion, a leading authority in intelligent identity and access management (IAM). "Any employee may succumb to natural curiosity. Before curiosity kills the cat, organizations need to get their arms around this behavior. They need to educate their employees and use systems that eliminate risky activities."
Courion software verifies that only authorized users have appropriate access to computing resources based on their roles and company policies. While only better education may prevent employees from falling prey to a phishing attempt, real-time monitoring capabilities built into Courion's provisioning and governance solutions may enable organizations to detect a hacker once they have infiltrated, should they escalate access rights or suddenly begin accessing company critical resources that don't match the legitimate user's role definition. In fact, with 17 years of experience, the company is helping more than 500 organizations safely protect their critical IT assets from unwanted access, complementing security tools like firewalls, antivirus software and intrusion detection systems.
Analyzing petabytes of data related to identities, access rights, information resources, access policies and computing activities, Courion's software identifies risks, anomalies, and potential and actual breaches, often catching what slipped through a company's perimeter defenses. The software also continuously monitors the IAM environment, making compliance audits quicker, easier and less painful than ever.
"It's worrisome that despite years of software development and awareness-building, many organizations still lack control and insight into the growing access risk within their own walls," said Sullivan. "It's time for companies to get serious about real-time, intelligent identity and access management and address the risk before it evolves into an incident causing irreversible damage."
The survey was conducted online within the United States by Harris Interactive on behalf of Courion between May 31 and June 4, 2013, among 2,084 adults ages 18 and older, among which 552 work in an office setting. This online survey is not based on a probability sample, and therefore no estimate of theoretical sampling error can be calculated. For complete survey methodology, including weighting variables, please contact Michelle Dillon at [email protected]
With deep experience and more than 10 million users at nearly 600 corporations, Courion is the market leader in Identity and Access Management (IAM), from provisioning to governance to Identity and Access Intelligence (IAI). Courion provides insight from analyzing the big data generated from an organization's identity and access relationships so users can efficiently and accurately provision, identify and minimize risks, and maintain continuous compliance. As a result, IT costs are reduced and audits expedited. With Courion, you can confidently provide open and compliant access to all while also protecting critical company data and assets from unauthorized access.