Will Your Colleagues Screw Up Your Company’s Network This Christmas?

A combination of irresponsible user behaviour and weaknesses in the protection of networks will create more data breach risks during the holiday period than at any other time.

This is the assertion from a survey of ‘privileged users’ by BalaBit, an IT security innovator specialising in log management and advanced monitoring technologies.

Lack of authentication

With the festive season approaching, most respondents, (70%) still expect to use the holidays to connect to their work’s network or check in on emails, with more than a third (39%) logging on to access emails several times a day. However, while the majority of respondents, 72%, have used their own, a friend’s, colleague’s, or a public device to connect to the network during their holiday, 38% of users have not been asked for extra levels of authentication when connecting to the company network from a device that has not been registered.

The survey also reveals that some executives sidestep basic security measures during their time off. One in seven respondents (14%) have shared personal access details – their user name or password – with a colleague. Going against best practice on password protection, the same number of respondents have shared their password on the phone so that a colleague so could complete an urgent task on their behalf.

Around a third of all respondents surveyed, 35%, also admitted that they have not changed their password immediately after they have given it to someone else. Personal relations appear to play a role in this with a fifth of respondents admitting they had done this, as they trusted that person.

Zoltán Györkő, CEO of BalaBit, said: “With the holiday season approaching, it can be a prime time to catch up on any unfinished tasks and many of us need to check in on emails when we’re out of the office. However this survey highlights some worrying lapses in the protection of personal information during holidays. Whilst we’re relaxing at home, we can sometimes use the easiest route to complete a task, which means that security is compromised. Of course, we need to allow executives to do their job even if they’re not in the office, but organisations need to support them to do this in a secure way and which protects the integrity of sensitive company data.”

The survey was conducted with 269 users with high privilege rights, comprising: IT security consultants, C-level: CEO or CISO or CEO, operations managers, system administrators and other IT professionals.

Are you an Internet security know-it-all? Take our quiz!

Duncan Macrae

Duncan MacRae is former editor and now a contributor to TechWeekEurope. He previously edited Computer Business Review's print/digital magazines and CBR Online, as well as Arabian Computer News in the UAE.

Recent Posts

OpenAI’s ‘Operator’ Agent Automates Online Tasks

OpenAI launches AI agent called 'Operator' to automatically fill out forms, make restaurant reservations, book…

2 hours ago

Pakistan’s Parliament Passes Bill For Strict Control On Social Media

Bill passed to give Pakistani government sweeping controls on social media, but critics argue it…

3 hours ago

Indian Tribunal Suspends Meta’s Data Sharing Ban

After Meta had warned that India's data sharing ban could collapse WhatsApp's business model, tribunal…

5 hours ago

UK’s CMA Begins Probe Into Apple, Google Mobile Ecosystems

British regulator confirms investigation of Apple and Google's domination of app stores, operating systems, and…

6 hours ago

Samsung Touts AI Features With Galaxy S25 Smartphones

Launch of Samsung's Galaxy S25 Ultra, Galaxy S25+ and Galaxy S25 sees the handsets described…

8 hours ago

LinkedIn Sued Over Alleged Use Of Private Messages To Train AI

Microsoft's LinkedIn sued for allegedly using customer data, including private messages, to train AI models…

10 hours ago