The research was conducted by OnePoll and based on surveying 1000 UK employees who have access to customer data at work. The results suggest a lack of awareness of basic data protection policies and worrying behaviours such as snooping on sensitive personal information and sharing work login details with colleagues.
While the majority of the respondents recognise that hackers are criminals, 1 in 5 believe hackers do a worthwhile job by exposing security defects that should have been fixed by organisations. Notably the younger generation holds this view more than their older counterparts with a quarter of 18-24 respondents supporting this view.
This age gap is significant throughout the findings with the younger Millennial generation sometimes twice as likely to be more cavalier with their access habits. For example, 30% of the 18-24 years old respondents would snoop on sensitive customer data at work compared to only 12% of the 45-54 years old employees.
The research also revealed that men are more reckless than women when it comes to breaching their employer’s data protection policies. Male employees are twice more likely to access the database of an old employer if they still have access rights and more likely to pass on confidential information for money or if they feel they’ve been treated unfairly (36% men vs. 21% women).
Additional data from the research revealed that:
- 27% of UK professionals believe that the Morrisons employee was right to steal payroll data in the security breach that took place in March this year
- 30% of employees would pass on confidential information about their employer if they suspected they were involved in illegal activity
- 39% of people share work login details with colleagues despite the regular warnings about protecting passwords
- A third (33%) of UK professionals would consider accessing a previous employer’s data to help them with a new job
- A third (33%) would access or download information from a previous employer using an old password
- 21% of UK professionals would snoop on sensitive personal data if they have access to it.