According to 1Password's findings, disruptive technologies such as artificial intelligence are exacerbating the long-standing "tension" between enterprise security and employee productivity. To make matters worse, 50% of cybersecurity experts say it's nearly impossible to find the right balance between business security and employee productivity.
Employees are under increasing pressure to work in an ever-changing environment, using artificial intelligence, remote work, and unapproved apps and devices to be more productive. According to Jeff Shiner, CEO of 1Password, the increased focus on productivity has created a significant security challenge for IT and security leaders, who often feel they don't have the budget to keep their employees safe.
In addition, 1Password CEO Jeff Shiner pointed out that when it comes to security and productivity, there shouldn't be one or the other, and that no matter how employees prefer to work, businesses and security service providers need to provide solutions that protect employees and increase productivity, and that businesses need to keep their employees safe as they are.
Technology expansion creates challenges for security teams
While enterprise IT and security teams struggle to expand employee access to new tools and technologies such as generative AI, they struggle to keep up with the pace of iteration of these technologies, and the challenges of securing the enterprise have increased dramatically. According to 1Password's survey data, 50% of security experts say it's nearly impossible to find the right balance between security and employee productivity.
Of these, 69% of security experts admit that they are at least partially reactive when it comes to security. Seventy-nine percent of respondents believe their security measures are inadequate, and 69 percent note that single sign-on (SSO) tools are not a complete solution for keeping employees' identities safe.
In addition, many respondents pointed out that employees tend to use tools, technologies, and devices to be more productive, and while they support the way they want to work, employees often don't consider or understand the impact of using these technologies or devices on business security.
According to 1Password's survey, 34% of employees use unapproved applications and tools, known as "shadow IT," and these employees use an average of five "shadow IT applications" or tools, each representing a potential new threat vector.
But 17% of employees admit to never using a device at work, instead choosing to use a personal or public computer. Fifty-four percent of employees admit to lax safety policies with their company's policies, citing a desire to get work done quickly and be more productive (24%), as well as finding safety policies inconvenient (11%) or overly restrictive or unreasonable (11%).
Forty-four percent of employees say there are fewer security concerns if tools are easier to use and policies are easier to follow, but less than one in 10 cybersecurity experts (9%) say employee convenience is their top consideration when choosing security software.
The rise of generative AI
The rise of generative AI has accelerated the "wrestling" between security and employee productivity, with security teams concerned that generative AI could expand the attack surface, while employees see the potential to use AI to improve efficiency and output. In response, 92% of cybersecurity professionals have security concerns about generative AI, including employees entering sensitive company data into AI tools (48%), using AI systems trained with erroneous or malicious data (44%), and falling for AI-enhanced phishing attempts (42%).
In addition, 57% of employees say that using AI-generated tools at work saves time and increases productivity, and a small percentage (22%) admit to knowingly violating the company's rules regarding the use of generative AI, but this is a relatively small percentage.
References:
https://www.helpnetsecurity.com/2024/04/05/employee-security-productivity-balance/