Ivanti released its latest report on
Securing the Digital Employee Experience,
which details how companies can strike the right balance between
securing the company and ensuring a positive digital employee experience
(DEX).
When employees encounter tech friction or feel frustrated with the tools
they are asked to use, they will find a workaround. In fact, one in two
office workers admit to using personal devices to log into work
networks, with 32% of them revealing their employers are unaware of this
practice. Yet, just 13% of security professionals say user experience
(UX) for end users is a mission-critical priority when adopting
cybersecurity tech interventions. By focusing on UX in security
measures, organizations can minimize the likelihood of employees
bypassing established protocols and resorting to unsafe workarounds.
"Although harmless in the moment, employees typically opt for
convenience and put security on the back burner," said Mike Riemer,
Field CISO, Ivanti. "Companies should take steps to understand their
employees' workplace behaviors and adopt security measures that reduce
the temptation for employees to sidestep protocols and use unsafe
workarounds. Strong security shouldn't come at the cost of user
experience, as it is integral to maintaining both security and
productivity."
Key findings from the report include the following:
-
With the rise of Gen AI, poor security hygiene will increase:
When employees have unfettered access to Gen AI tools and other advanced
technologies, it can introduce challenges with data privacy,
compliance, cyber risks, and copyrighted materials. Ivanti's research
shows that 81% of office workers report they have not been trained on
Gen AI and 15% are using unsanctioned tools.
-
Companies aren't providing secure tools for in-office, remote and hybrid work:
Whether half of your employees work remotely or just a small fraction
do, there is still a profound need to ensure that the company supports
all the ways employees work. Only 62% use a VPN or a zero-trust access
solution to restrict network access and protect sensitive information,
and only 57% use multi-factor authentication.
-
Security leaders are often excluded from DEX investment decisions:
DEX-informed security minimizes the need for employees to change their
typical behaviors at work. Yet, only 38% of companies consult the CISO
for input on DEX strategy, investments, and planning, despite the
significant contributions DEX tools can make to security.
Ivanti surveyed over 20,000 IT professionals, executive leaders, office
workers and security professionals around the world to understand what
organizations are doing to enable positive digital employee experience
(DEX) and any barriers organizations face to deliver frictionless
experiences.