Healthcare providers looking to determine who's most likely to cause a mobile security breach had better keep an eye on the younger employees – and their C-level executives.
According to a new survey from Absolute Software, millennials – those between the ages of 18 and 34 – are much more likely to use employer-owned mobile devices for personal reasons than those in other age groups – especially Baby Boomers. And one in every four millennials believe they compromise IT security.
The survey, conducted in January among 762 adults over age 18 who work for companies of more than 50 employees and belong to the Springboard America Forum, paints a disturbing picture for America's largest workforce. And at a time when smartphones, tablets and laptops are the workspace of choice in doctor's offices, clinics and health systems, it should make executives sit up and take notice.
[Infographic: Privacy breaches – an enduring issue in healthcare]
“We conducted this survey with the intention of helping enterprises better understand the current attitudes that employees have towards data security and privacy,” Stephen Midgley, vice president of global marketing for Vancouver-based Absolute Software, said in a press release. “Armed with this information, our customers can consider user behavior as an additional data point in their endpoint security and data risk management strategies.”
According to the survey, while almost 80 percent would prefer separate devices for work and home, more than half – 52 percent – use their business devices for personal reasons. Among millennials, that number is 64 percent, while just 37 percent of Baby Boomers (those over age 50) cross the boundary.
In addition, 35 percent of millennials modify the default settings and 27 percent access "not safe for work" (NSFW) content. On the same topics, Baby Boomers scored at 8 percent and 5 percent, respectively.
Risky behaviors aren't limited to millennials, though. According to the survey, across all ages, one in every three C-level or senior managers accesses NSFW content, compared to 19 percent of mid-level employees and just 9 percent of junior-level employees.
But it's worth explaining that the way Absolute defines NSFW sites is broad such that the category includes personal e-mail (50 percent of those who access NSFW sites do this), online banking (33 percent), online shopping (28 percent), social media (27 percent), public WiFi (24 percent), personal calendars (22 percent), file sharing (21 percent), video streaming (18 percent), eHealthcare use (14 percent), gaming (10 percent), online dating (4 percent), sexting, adult sites and pirated content (all at 3 percent) and gambling (2 percent).
There were also some interesting results in the numbers and types of devices used. According to the survey, less than half – 46 percent – use one device, while 37 percent use two devices, 12 percent use three devices and 4 percent somehow make do with four different devices.
Laptops by and far topped the list of devices used, at 91 percent, with 21 percent using Macbooks. Among tablets, 47 percent use iPads, 23 percent use Android tablets and 21 percent use Microsoft Surface tablets. Among smartphones, 52 percent use iPhones, 41 percent use Android phones, 21 percent use Blackberrys and 19 percent use Windows phones.
When asked about the benefits of mobility, 39 percent like that they can respond to requests from any location, while 38 percent answered that they could be more responsive or that they could work while travelling. Rounding out the list were bringing devices to meetings in the workplace (31 percent), being more flexible in work hours (29 percent) and accessing corporate data from remote locations (28 percent).
“While the report indicates real progress in a number of critical security areas, there is still a lot that can be done to modify behavior and educate employees,” Midgley said in the press release. “Ultimately, everyone is responsible for protecting sensitive business information. Knowing there is ambiguity between how different users may approach this requirement, IT leaders need to provide meaningful guidance and training that reinforces this collective accountability.”
Related articles:
