39% of UK business decision makers have admitted to dismissing staff members due to a breach of company cyber security policy since the start of the COVID-19 outbreak according to a survey of 200 UK firms.

The survey, conducted by independent polling agency Censuswide for IT security software provider Centrify, also revealed that almost two-thirds (65%) of companies have made substantial changes to their cyber security policy in response to COVID-19 and 100% remote working. Despite this, 58% agreed that employees are more likely to try and circumvent company security practices when working from home, indicating serious flaws in the execution of security measures in a remote-working model.

Andy Heather, VP of Centrify, said: “With more people than ever working from home and left to their own devices, it’s inevitable that some will find security work-arounds, such as using personal laptops and not changing passwords, in order to maximise productivity. It’s also possible that the changes in security procedures are not being communicated well to employees, and many are practising unsafe internet usage without even realising.”

In an effort to combat poor security practice from employees, 57% of respondents revealed that they are currently implementing more measures to securely authenticate employees. These measures include biometric data checks, such as fingerprint and facial recognition technology, and other multi-factor authentication steps when gaining access to certain applications, files and accounts. More than half (55%) of businesses already have banned staff from using personal devices to work from home or plan to do so.

“The reality is the weakest link in any organisation continues to be the human element,” added Heather. “Combatting this issue starts from the top. CIOs and business decision makers must implement strict and transparent, cloud enabled and identity-centric security solutions. This will allow companies to quickly and safely deploy scalable security privileged access management measures, which make it impossible for an employee to access company networks, applications and data, unless they are following correct procedures.”

Share Story: