2021 is shaping up to be a great year for developers, but not so much for companies hiring them, with 61% of HR professionals believing this will be their biggest challenge in the year ahead. Recruiters expect a shortage of qualified programmers in 2021. fizkes / iStock Hiring managers worry that they’ll struggle to recruit […]
Pioneering scientists like Rothermel dealt with this intractable problem by ignoring it. Instead, they searched for factors, such as wind speed and slope, that could help them predict a fire’s next move in real time. Looking back, Finney says, it’s a miracle that Rothermel’s equations work for wildfires at all. There’s the sheer difference in […]
From smart toilets and disinfecting robots to transparent OLED displays and sleep tech, CES 2021 was a showcase for the latest innovations in consumer and enterprise technology. CES 2021 is a wrap. And although this year’s all-digital event was a significantly different experience from past shows, there was plenty of innovative tech on display. TechRepublic’s […]
Along with the independence remote work affords employees comes the use of shadow IT and poor password practices, according to a new survey by 1Password.
The tasks most frequently imposed on IT include resetting passwords and tracking app usage. For employees and IT staff, the swift pandemic-response transition to working-from-home (WFH) made daily security challenges even more relevant. Even if issues could be predicted, problems were likely, due to the rapidity of the switch, combined with the large number of employees reliant on a significantly and comparatively small IT department.
IAM proves to be a continual burr in productivity, not only for the IT staff, but for employees, too; 57% of IT workers reset employee passwords up to five times per week, and 15% are doing so at least 21 times weekly. The research revealed that 14% of IT workers “are consumed with IAM, and spend at least an hour per day on routine IAM tasks.”
One in three IT workers don’t fully enforce security policies, while 20% of workers don’t consistently adhere to security policies. The besieged IT staff “cite a lack of suitable technology resources and concern for employee effectiveness” which unquestionably affects “the relentless quest for productivity.”
IT workers believe they’re without resources to ensure IAM products are solid and effective, and don’t feel confident in the provided tools. Only 48% of IT workers allege that most of IAM products bring value to the company, while 13% said less than 10% of their IAM products actually deliver.
Shadow IT has become an even bigger problem in the new WFH normal, as IT staff are less able to monitor employees’ use at home of information technology systems, devices, software, applications, and services for which the company’s IT department has explicitly approved. Shadow IT impedes the power of EPM to achieve security, productivity and convenience.
IT departments use IAM to detect the unauthorized use of Shadow IT, and research revealed it’s “largely successful.” Four in five employees said they always follow the company’s IT policy, which means only 20% of all workers drive all Shadow IT activity. The report stresses these employees are not malicious actors, but are laser-focused on productivity: 49% cite productivity as the No. 1 reason for sidestepping the IT department’s rules.
“The Shadow IT picture is more complicated than many think,” said Jeff Shiner, chief executive officer, 1Password, in a press release. “Most of us follow the rules, but a small group of employees trying to get more done circumvent policies and create openings for credential attacks. They’re sometimes enabled by IT workers who empathize with their pursuit of productivity.”
The company scofflaws who don’t follow IT policy, according to the report, are:
Sprinters: More than two times more likely to cite convenience as more important than company security. Almost half believe that adhering to “strict password requirements” isn’t worth the effort and time.
Skeptical of IT capabilities: Those who break IT policies are 50% more likely to claim that it’s unrealistic for businesses to oversee all devices and apps used by employees. They also allege that the IT department “is more of a hindrance than a help.”
Millennials and Gen Z: Compared with colleagues ages 56 and older, 18- to 39-year-olds are three times more likely to admit they do not always follow IT policies.
IT workers cite a lack of resources
IT workers did not lay all the blame for security issues on employees but said they lacked appropriate tech resources. They also said that “concern for employee effectiveness” is why 33% of IT staff are not resolutely enforcing the enterprise’s security policies.
IT staff admissions:
25% said they don’t enforce security policies universally
4% forgo all policy enforcement because they don’t want to deal with the common and frequent concern of productivity vs. managing policies
38% do not strictly enforce security policies because the “organization’s method for monitoring is not robust”
29% agreed “it’s just too hard and time consuming to track and enforce”
28% said “our employees get more done if we just let them manage their own software”
33% said strict password requirements at work aren’t worth the hassle
How IT staff feel about EPMs:
89% of IT departments said a password manager has measurable impact on security
57% who use EPMs report it’s a time-saver
45% said it reduces the time they spend on the mundane
37% said it enhances productivity
26% said it reduces breaches and attacks
26% claim it creates happier employees
Methodology
1Password used an online survey by Method Research and distributed by Dynata, with 1,000 full-time US computer/desk-job employees; 50% of respondents work in their company’s IT department, and 50% came from any department. Respondents were 18 and older, and “roughly balanced across age and geographic area.” Data was collected from April 15 through 23, 2020.
Cybersecurity Insider Newsletter
Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered Tuesdays and Thursdays