Multiple Studies Confirm User Habits Undermine IT Security

No matter how many security tools IT pros may install in the enterprise, if users perceive the software as slowing them down, they'll find other, insecure options. Also in the news this week: Cloud start-ups pull in funding, Europe's behind on cloud deployment, and Microsoft embraces the dark (mode.)

2 Min Read
Image courtesy of Thinkstock

IT security starts with people, as three recent reports demonstrated. SaaS company Igloo Software found that 61% of all workers use email as their primary method for sharing sensitive or private information, and 28% see no problem dropping sensitive information into an instant message. Even more notable: 76% of workers are using non-IT-approved communications apps at work because they believe they're working more easily and efficiently than they would be if they stuck to IT-approved tools, and 66% of workers say they use non-IT-approved communication apps because they are less likely to be monitored or tracked.

Security software company Varonis surveyed companies in the post-GDPR landscape and found that more than half of their respondents had more than 1,000 sensitive files accessible to every employee. "Globally accessible data puts organizations at risk from insiders, malware and ransomware attacks: it takes just one click on a phishing email to set off a chain reaction that encrypts or destroys all accessible files," noted to the report.

And on Tuesday, Black Duck released its annual Open Source Security and Risk Analysis (OSSRA) report, assessing the state of open source security in 2018. Among the security findings: 60% of codebases in the survey contained at least one vulnerability. The good news? This is down 18% from the 78% reported in 2017.


Microsoft dropped a raft of developer-related announcements this week, among them:

The preview of Windows Vision Skills, a set of NuGet packages that make it easy for application developers to solve complex computer vision problems using a simple set of APIs.

Microsoft released a preview of the Windows 10 WinRT API Pack. By using these NuGet packages, developers can quickly and easily add new Windows functionality to their applications like Geolocation, Windows AI and Machine Learning.

—  Babylon.js 4.0 has officially been released. Babylon.js 4.0 includes a new inspector tool which helps developers and artists setup or debug a scene.

— And dark mode will be the default across Microsoft's dev tools. As the company said in the blog post announcing the change, "Our data shows that more than 85% of users are using some variation of a dark theme in VS Code, so we decided to flip the browser DevTools to dark theme by default."


Europe is behind the rest of the world from cloud maturity perceptive, O’Reilly Media reports. They found that just under a quarter (24%) of recent survey correspondents have been using cloud-based infrastructure in production for more than four years, compared to a global response level of 26%.

Software-defined networking start-up Aryanka raised $50 million in a series F funding round. Software-defined networking technology decouples network equipment from network management, and research firm Gartner anticipates that the technology will be in 30% of enterprises by 2020.

Cloud infrastructure automation platform DivvyCloud just raised $19 million. The company works with public clouds to set up a robust user and permission management system.

About the Author(s)

Richard Hay

Senior Content Producer, IT Pro Today (Informa Tech)

I served for 29 plus years in the U.S. Navy and retired as a Master Chief Petty Officer in November 2011. My work background in the Navy was telecommunications related so my hobby of computers fit well with what I did for the Navy. I consider myself a tech geek and enjoy most things in that arena.

My first website – – came online in 1995. Back then I used GeoCities Web Hosting for it and is the result of the work I have done on that site since 1995.

In January 2010 my community contributions were recognized by Microsoft when I received my first Most Valuable Professional (MVP) Award for the Windows Operating System. Since then I have been renewed as a Microsoft MVP each subsequent year since that initial award. I am also a member of the inaugural group of Windows Insider MVPs which began in 2016.

I previously hosted the Observed Tech PODCAST for 10 years and 317 episodes and now host a new podcast called Faith, Tech, and Space. 

I began contributing to Penton Technology websites in January 2015 and in April 2017 I was hired as the Senior Content Producer for Penton Technology which is now Informa Tech. In that role, I contribute to ITPro Today and cover operating systems, enterprise technology, and productivity.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like