When employees shop online at work for holiday presents, they may be exposing their companies to security risks. The culprit is their unwillingness to give up sloppy security practices online, even when they know better. And most of them know better, a new survey shows.
Ninety percent of U.S. employees who use a computer, tablet PC or smartphone for work activities feel their online privacy is threatened, but more than half (53 percent) continue to engage in potentially risky actions online, according to a survey of more than 1,400 of its U.S. members conducted by ISACA, a global nonprofit IT association.
These risky behaviors pose a special challenge to employers during the holiday season, with employees expecting to spend an average of nine hours online at work shopping. And those shopping at work using their own devices, thanks to increasingly liberal bring-your-own-device policies, will spend on average 12 hours purchasing holiday gifts.
Almost two-thirds (65 percent) of employees admit that they don't verify the security settings on online shopping sites and more than a third (36 percent) have clicked on a link on a social media site from their work device, the survey found.
Other potentially risky online behaviors revealed by the survey include employees using their work email address for personal online shopping or other non-work activities (19 percent), storing work passwords on their personal devices (12 percent) and using a cloud service such as Dropbox or Google Docs for work documents without their company's knowledge.
Online holiday shopping at work is also a pocketbook issue for companies, a separate ISACA survey showed. More than a third (37 percent) of survey respondents said that enterprises will lose $15,000 or more in productivity as a result of employee shopping online at work.