What are employees doing on your time?

Australian workers often send work documents to personal emails, disclose personal credit card details and most are more worried about compromising their personal finances than corporate data, according to a new study.

The September report, ‘State of Security 2007’, conducted by Sydney-based marketing research firm StollzNow and commissioned by security vendor Websense questioned 158 employees who use the Internet as part of their work and 159 IT managers about Internet security in the workplace.

As an indicator of time spent online, the report found that employees spend on average a total of 85.3 minutes per day on work-related online usage including email. Approximately one third of that is for personal use.

According to Joel Camissar, ANZ country manager at Websense, people are spending an enormous amount of personal time online at work, much of which raises security concerns for both the user and the IT department.

Delving a little further, we find that 53 percent of employees have sent work docs to personal email accounts; 20 percent have opened suspicious emails and 17 percent have clicked on pop-up ads – FYI nine percent have viewed adult material.

Andrew Antal, marketing director, APAC at MessageLabs said: “While most workers know not to open emails from dubious sources, many don’t realise they could put their corporate network at risk by visiting a website they trust.”

What else are employees doing online? Surprisingly, employees ‘can’t live without’ access to their finances, news, sport and personal email.

Forty six percent to be exact couldn’t live without access to their finances over entertaining themselves on YouTube. It was not a shock to find that employees are most worried about compromising their own personal data over corporate data.

Thirty percent were most worried about their banking details being stolen or compromised.

Coming in third and most concerning for business owners was that only 17 percent of employees were worried about the loss of company data.

According to Serdar Yelutas, regional sales manager at email encryption vendor Tumbleweed, this is not surprising. “No matter how well intentioned they are, no matter how many times they’ve gone through security training, even the best employees will sometimes make mistakes and send some kind of sensitive information outside the organisation.

Analysts say Australian managers have a far more trusted relationship with their employees than those in the US. Of course, compliance plays a factor in this. However, ‘watching over your employee’s back’, in my view is not the answer to this growing risk.

are doing employees on security time what your