Occasional malicious insiders are still a factor. But according to an RSA survey, well-meaning employees can expose sensitive data just by doing their jobs: through careless behavior, working around security measures or following poor security policies. An informal survey conducted by RSA last month from Boston and Washington, D.C., reveals that trusted insiders can easily expose sensitive company and client information simply by doing their jobs.Every day, people come into contact with sensitive or confidential information. Whether they’re employees, contractors, suppliers, partners, visitors or consultants, these insiders can unwittingly expose data through carelessness, working around security measures or following inadequate security policies.RSA says a third (35 percent) of respondents have felt the need to work around their organization’s established security policies and procedures—just to get their job done.Sixty-three percent of respondents send work documents to their personal e-mail addresses so that they can access them from home. Doing so leaves the messages and data vulnerable during transmission, as does storing them on an unsecured machine outside the domain of the company. E-mail poses other risks as well. Consider the documents and e-mails your company sends—would you want that information made public? More than half of those surveyed access their work e-mail accounts via a public wireless hotspot; 52 percent access their work e-mail via a public computer. Mobile devices are also a concern. According to RSA, “65 percent of respondents frequently or sometimes leave their workplace carrying a mobile device such as a laptop, smartphone or USB flash drive” that holds sensitive information related to their jobs: customer data, Social Security or credit card numbers, company financials and competitively sensitive information like product plans. Of those surveyed, 8 percent have lost a mobile device that contained corporate or organizational information.At two-thirds of respondents’ companies, wireless connections are available in conference rooms and guest offices; of those,19 percent reported that access to the corporate network is completely open and no credentials are required.Common courtesy also plays a role in insider breaches. Convicted social engineer Kevin Mitnick and con man Frank Abagnale often relied on it to (literally) get their foot in the door. The survey revealed that 34 percent of respondents have held a secured door open for someone they didn’t recognize; 40 percent were let into the building by someone who didn’t know them. Related content feature 5G ready or 5G really? Industry CIOs face hard truths about private 5G Some enterprises are building private 5G networks for their industrial environments, only to find they have to initially settle for 4G service. So what is private 5G ready for, and what can it really do? By Peter Sayer Jun 06, 2023 8 mins CIO Network Appliances Network Switches opinion 5 tips for startup partnership success Corporate venture investments provide IT leaders with new engines for IT innovation, broader networks for emerging opportunities, fuel for in-house transformation, and improved career prospects — if done right. By Isaac Sacolick Jun 06, 2023 8 mins Startups Digital Transformation IT Strategy feature 14 organizations that support LGBTQ+ tech workers Offering networking, mentorship, and career development opportunities, these 14 professional orgs foster community for LGBTQ+ workers in an industry that isn’t always welcoming. By Sarah K. White Jun 06, 2023 9 mins Diversity and Inclusion brandpost ChatGPT and Your Organisation: How to Monitor Usage and Be More Aware of Security Risks By Hayley Salyer Jun 05, 2023 7 mins Chatbots Artificial Intelligence Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe