Computer Users Still Risk Takers

Users are aware of security concerns, but often ignore best practices for protecting themselves, their machines, corporate networks, and their data.

InformationWeek Staff, Contributor

October 9, 2006

4 Min Read
InformationWeek logo in a gray background | InformationWeek

Globally, two-thirds of employees are cognizant of security risks when working remotely on company machines. That's the good news. Of course, the converse is that one-third connect blindly to the Internet, in spite of hacking, theft and malware threats.

According to "Perceptions and Behaviors of Remote Workers & Security Considerations for IT Organizations," a study by Cisco Systems and Insight Express, end users are aware of security concerns, but often act contrary to best practices for protecting themselves, their machines, corporate networks or their data.

The online survey, conducted this past summer, queried more than 1,000 remote workers in 10 countries from every region of the globe. Users in China (78 percent), Australia (75 percent) and the United Kingdom (72 percent) reported the greatest level of security awareness. India (52 percent) and Japan (59 percent) posted the lowest awareness level. The United States was slightly above average, with a 68 percent awareness rate.

The security awareness rates are really not too surprising, since surveys during the past several years have shown similar results. However, the Cisco/InsightExpress study reveals the often contradictory actions of end users who unnecessarily expose them and their work computers to security threats.

For instance, less than one-third said they use work computers for personal use. However, roughly half went on to say they use work computers for personal online purchases. Again, nearly half (46 percent) said they download personal files to their work machines and download business files to their personal computers (often unprotected to the same degree as a business machine). The chief reasons for using a work computer for personal use: "I'm alone and have spare time" and "My company doesn't mind."

One in five will allow someone else to use their work computer to access the Internet, with the worst offenders in China (42 percent), Italy (31 percent) and Brazil (27 percent). Although the survey administrators didn't ask the reason for sharing work computers, they speculate that a low deployment of personal computers in these countries forces many to use their friends' and their own work machines for personal use. When asked why they allow others to use their work machines, the overwhelming majority said they didn't see anything wrong with it or that their company doesn't mind.

A little better than one in 10 are accessing open wireless access points (their neighbors' or a business') to connect to the Internet. Most said they would hijack a connection because they were in a bind and needed to get online. But a large number said they either can't tell when they're accessing their own or someone else's access point, or setting up a wireless network is too difficult.

The survey shows risky usage practices, but it appears that most users understand the danger of opening unknown e-mail attachments. Only 25 percent said they open unknown e-mail and attachments on their work computers; the best awareness rate was posted by Japan (14 percent), Brazil, France and Italy (15 percent each), and Australia (16 percent). The United States came in just below the global average with 24 percent. The worst offender: China (57 percent).

The good news on unknown e-mail stops there. Survey respondents are often befuddled by what to do when they do receive an unknown e-mail. Only one-third said they would delete it immediately without opening it. Thirty-eight percent said they would open the e-mail but would not open any attachments; although this sounds safe, it could still expose the machine to self-activating malware. Six percent said they would open the e-mail and any attachments.

While the survey shows a majority of corporate remote users around the world are acting safely on work computers, a large number continue to expose themselves, their machines and company data to threats. Cisco plans to follow up with another survey to probe deeper into the reasons behind some of these risky behaviors. The immediate takeaway is that companies must do more to raise user security awareness and change risky computing habits.

NEXT: Key survey results

The following are key results from the Cisco Systems/InsightExpress "Perceptions and Behaviors of Remote Workers & Security Considerations for IT Organizations" survey.

Are you aware of security risks when using your work computer?
Total: 66%
China: 78%
Australia: 75%
UK: 72%
US: 68%
Germany: 67%
France: 65% Brazil: 65%
Italy: 63%
Japan: 59%
India: 52%

Do you use your work computer for personal use?
Total: 29%
China: 57%
Brazil: 32%
US: 30%
India: 30%
Italy : 30%
Germany: 28%
France: 27%
UK: 27%
Australia: 20%
Japan: 12%

Do you open unknown e-mails with your work computer?
Total: 25%
China: 57%
Germany: 27%
UK: 26%
India: 26%
Brazil: 25%
US: 24%
Australia: 16%
France: 15%
Italy: 15%
Japan: 14%

Do you allow others to use your work computer?
Total: 21%
China: 42%
Italy: 31%
Brazil: 27%
Germany: 22%
India: 21%
US: 19%
France: 15%
Japan: 13%
Australia: 12%
UK: 7%

Do you access your neighbor's wireless access point?
Total: 11%
Brazil: 19%
China: 19%
Italy: 18%
Germany: 15%
US: 12%
India: 10%
UK: 6%
Japan: 6%
France: 5%
Australia: 4%

Do you download personal files to your work computer?
Total: 46%
China: 66%
Australia: 58%
Brazil: 48%
Italy: 48%
UK: 45%
Germany: 43%
France: 39%
Japan: 37%
India: 38%
US: 35%

Do you download business files to your personal computer?
Total: 45%
China: 74%
Germany: 51%
Italy: 49%
India: 46%
US: 45%
Brazil: 44%
Australia: 43%
UK: 40%
France: 33%
Japan: 25%

Read more about:

20062006
Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights