Rigid security protocols — such as complex authentication processes and highly restrictive access controls — can frustrate employees, slow productivity and lead to unsafe workarounds, according to Ivanti. When employees have unfettered access to GenAI tools and other advanced technologies, it can introduce challenges with data privacy, compliance, cyber risks, and copyrighted materials. “Companies should take steps to understand their employees’ workplace behaviors and adopt security measures that reduce the temptation for employees to sidestep protocols and use unsafe workarounds. Unapproved GenAI tools — just like any other shadow IT — introduce risk by expanding the organization’s attack surface without any oversight from security, potentially introducing unknown vulnerabilities that compromise an organization’s security posture. By focusing on UX in security measures, organizations can minimize the likelihood of employees bypassing established protocols and resorting to unsafe workarounds. DEX-informed security minimizes the need for employees to change their typical work behaviors. “Although harmless in the moment, employees typically opt for convenience and put security on the back burner,” said Mike Riemer, Field CISO, Ivanti. Yet, despite the significant contributions DEX tools can make to security, only 38% of companies consult the CISO for input on digital employee experience (DEX) strategy, investments, and planning. Employees may inadvertently enter sensitive company or customer data into GenAI tools. Yet, just 13% of security professionals say user experience (UX) for end users is a mission-critical priority when adopting cybersecurity tech interventions. Ivanti’s research shows that 81% of office workers report they have not been trained on GenAI and 15% are using unsanctioned tools. 32% of security and IT professionals have no documented strategy in place to address GenAI risks. Whether half of employees work remotely or just a small fraction do, there is still a profound need to ensure that the company supports all the ways employees work. Currently, most security professionals (89%) say they have invested in the right security-related UEM tools to automate security practices. 60% of executive leaders in 2024 believe employees need to be in the office to be productive, compared to 44% last year. Even if employers are pressuring employees back to the office, it does not mean remote working is no longer a priority or concern.
This Cyber News was published on www.helpnetsecurity.com. Publication date: Thu, 03 Oct 2024 04:13:05 +0000