36% of Employees Repeat Credentials in Work and Personal Applications

80% of employees use personal devices to access work applications, which often contain critical data. And these devices do not have adequate security controls.

This is according to research by CyberArk, which examines the risky behaviours of workers that put businesses at risk.

Half, 40%, download customer data on a regular basis. A third can alter data classified as critical or confidential. And 3 out of 10 are capable of approving large financial transactions.

In the end, privileged access is no longer restricted to IT administrators. Another problem is the reuse of passwords. Forty-nine percent of employees use exactly the same login for multiple work applications and 36% repeat credentials for work tools and personal cutting solutions.

Added to this is the fact that the majority (52%) have even shared confidential workplace-specific information with third parties.

There is also a majority (65%) who bypass cybersecurity policies with the excuse of not making life difficult for themselves. This includes the use of personal devices in the form of wireless hotspots and the forwarding of work emails to personal accounts.

‘These findings show that high-risk access is scattered throughout the workplace and bad behaviour abounds,’ analyses Matt Cohen, CEO of CyberArk, ’creating serious security issues for organisations and highlighting the pressing need to reimagine workforce identity security, protecting every user with the right level of privilege controls.

‘For too long, the standard approach to workforce access security has focused on basic controls such as authentication through single sign-on,’ Cohen notes. ‘This ignores the reality of the modern worker and the changing nature of identity.

The average employee can be an occasional user in the workforce and the next moment a privileged account,’ explains the CyberArk executive.