Poor HR policies encouraging major security risks

A new survey has revealed exactly how HRDs are falling behind when educating their staff about corporate technology and its potential risks

21% of all Singapore workers have read documents they shouldn’t have while at work, according to a new survey by security intelligence firm, LogRhythm. Additionally, 14% of workers have accessed or taken confidential documents without getting the proper authority beforehand.
 
Furthermore, the poll found that 41% of Singapore workers were likely to keep their passwords in an unsecure location, thus causing a potential weakness that could cause future data breaches.
 
These figures are a reminder to HRDs to look at their workplace L&D policies and ensure that staff are educated about the dangers of this type of behaviour. A proactive approach is certainly needed so that employees remain on the frontline in order to effectively tackle any security threats.
 
“Information security needs to be a coordination between the organisation and its people,” said Bill Taylor-Mountford, vice-president Asia-Pacific and Japan for LogRhythm. “It is no use to have the best walls and moats around the castle but your guards leave the key to the side door outside."
 
The survey found that 73% of Singapore managers felt that their company was serious about tackling security of information. This was despite the figures above, indicating that in some companies there is a real disparity between staff and executives.
 
On a more positive note, the survey also revealed that 73% of Singaporean employees had changed their passwords in the past six months with 69% changing them at least once a year. In this area, it seems that education is working, although it is up to HRDs to further push forward with more in-depth L&D strategies to ensure all employees are aware of proper password hygiene habits.
 
"While we try to educate the importance of password hygiene to workers, it will help if the organizations have systems in place to ‘force’ the change,” Taylor-Mountford said.
 
Related stories:
 
Cyber-crime: what you need to know
 
What exactly is causing the data breaches at your company?
 
Singapore HRDs: Are you using tech to its full potential?