When employees encounter tech friction or feel frustrated with the tools they are asked to use, they will find a workaround. In fact, one in two office workers admit to using personal devices to log into work networks, with 32% of them revealing their employers are unaware of this practice, according to Securing the Digital Employee Experience, a report from Ivanti.
Yet, just 13% of security professionals say user experience (UX) for end users is a mission-critical priority when adopting cybersecurity tech interventions. By focusing on UX in security measures, organizations can minimize the likelihood of employees bypassing established protocols and resorting to unsafe workarounds.
"Although harmless in the moment, employees typically opt for convenience and put security on the back burner," said Mike Riemer, Field CISO, Ivanti. "Companies should take steps to understand their employees' workplace behaviors and adopt security measures that reduce the temptation for employees to sidestep protocols and use unsafe workarounds. Strong security shouldn't come at the cost of user experience, as it is integral to maintaining both security and productivity."
Key findings from the report include the following:
With the rise of Gen AI, poor security hygiene will increase
When employees have unfettered access to Gen AI tools and other advanced technologies, it can introduce challenges with data privacy, compliance, cyber risks, and copyrighted materials. Ivanti's research shows that 81% of office workers report they have not been trained on Gen AI and 15% are using unsanctioned tools.
Companies aren't providing secure tools for in-office, remote and hybrid work
Whether half of your employees work remotely or just a small fraction do, there is still a profound need to ensure that the company supports all the ways employees work. Only 62% use a VPN or a zero-trust access solution to restrict network access and protect sensitive information, and only 57% use multi-factor authentication.
Security leaders are often excluded from DEX investment decisions
Digital employee experience (DEX)-informed security minimizes the need for employees to change their typical behaviors at work. Yet, only 38% of companies consult the CISO for input on DEX strategy, investments, and planning, despite the significant contributions DEX tools can make to security.
Methodology: Ivanti surveyed over 20,000 IT professionals, executive leaders, office workers and security professionals around the world to understand what organizations are doing to enable positive digital employee experience (DEX) and any barriers organizations face to deliver frictionless experiences.
