Security Roundup: Going Rogue, SentinelOne, Exabeam, Kaspersky, Sophos
A growing headache for IT is workers going rogue with work devices, software and applications, despite being aware of the potential risks involved, just so they can do their job.
New research by Snow Software highlights this problem. The study polled 3,000 professionals in the United States, Europe and Asia Pacific, and revealed that this is especially notable in younger employees, as millennials are almost twice as likely to go behind IT’s back compared to older workers. Some 81% of millennials admitted they have used or accessed something on their work device without permission, versus 51% of baby boomers who have done the same.
In general, management-level employees (manager, director, vice president or executive) were almost twice as likely to use unauthorized professional or personal software and applications compared to individual contributors (entry-level, associate or specialist).
Vice presidents and C-level executives led the way in using work apps (57%) and personal apps (51%) on their work device without permission.
So how does IT keep a lid on cyberthreats with workers actively going rogue?
We spoke with Alastair Pooley, Snow Software’s CIO, to find out more about this problem and how it can have serious consequences for organizations.
Channel Futures: Does the fact that many workers are breaking the rules to get the job done mean organizations need to focus on making it easier for workers to both get the job done and practice good cybersecurity?
Alastair Pooley: It is vital that organizations concentrate on making the secure route the easiest path for workers to access technology. The familiarity everyone has with technology along with their personal experience of the app ecosystem on modern smartphones has raised everyone’s expectations of their use of technology. People expect it to work whenever they want it, from anywhere, and they are not averse to using their own devices or applications to achieve these aims. Organizations must focus on enabling employees while maintaining insight into the corporate technology ecosystem to ensure they are both obtaining value for money and protecting their assets.
CF: Can going rogue lead to serious problems that workers may not be aware of? Can you give some examples?
AP: Unfortunately, this is a real and increasing risk. I have personally seen examples of applications being used outside of the IT organization which led to the export of personally identifiable information (PII) outside of the EU. This would now be a breach of General Data Protection Regulation (GDPR) regulations and would land the organization in some difficulty. While most workers are aware that security is important, they don’t correlate their use of data and applications as either a security risk or a regulatory issue.
Away from security, another big concern many CIOs have today is controlling costs. While technology investments are now more commonly originating from the business decision makers, I have seen examples of businesses paying for …