1Password research finds 20% of workers don’t follow company security policies all the time, enabled by IT departments who empathize with pursuit of productivity
IT personnel burn a full month of work (21 days) managing Identity and Access Management (IAM) each year on mundane tasks such as resetting passwords and tracking app usage. According to a new survey from 1Password, the world’s most loved enterprise password manager (EPM), IAM continues to be a significant productivity bog for IT and employees alike, with 57% of IT workers resetting employee passwords up to five times per week—and 15% doing so at least 21 times per week. 1Password’s wide-ranging survey also explored behavior around Shadow IT in the work from home era as well as the power of EPM to achieve security, productivity and convenience for enterprises.
Read More:Â Banks Are Experiencing a Kodak Moment: Lessons Learned from a Fallen Giant
“The Shadow IT picture is more complicated than many think,” said Jeff Shiner, chief executive officer, 1Password. “Most of us follow the rules, but a small group of employees trying to get more done circumvent policies and create openings for credential attacks. They’re sometimes enabled by IT workers who empathize with their pursuit of productivity. 1Password designed our enterprise password manager to reduce the risk of Shadow IT by helping everyone at work be good by being lazy.”
IAM is a significant burden—and today’s tools fall short
1Password’s research found that 14% of IT workers are consumed with IAM, spending at least an hour per day on routine IAM tasks. It’s no surprise that IT workers are disillusioned with their tools: just 48% of IT workers say the majority of IAM products bring value to the company—and 13% say less than 10% of their IAM products deliver.
Shadow IT: Led by a small group of productivity-minded employees
IAM is often used to detect unauthorized use of software—Shadow IT—and 1Password’s survey revealed that it’s largely successful. Four in five workers report always following their company’s IT policy, meaning that just 20% of workers are driving all Shadow IT activity in the enterprise. These employees don’t act out of malice but rather a drive to get more done, with 49% citing productivity as their top reason for circumventing IT’s rules.
Employees who break their company’s IT policy tend to be:
- Speed demons: They’re nearly twice as likely to say convenience is more important than security—and almost 50% more likely to say strict password requirements aren’t worth the hassle.
- Pessimistic about IT capabilities: Employees who break IT policies are nearly twice as likely to say it’s unrealistic for companies to be aware of and manage all apps and devices used by employees at work—and say the IT dept is more of a hindrance than a help.
- Millennials and Gen Z: Nearly three times as many workers who are 18-39 say they do not always follow IT policies, compared to those ages 56 and up.
Lack of tools amid the relentless quest for productivity
IT workers cited lack of suitable technology resources and concern for employee effectiveness as the reason nearly one in three IT workers are not fully enforcing security policies.
- Twenty-five percent of IT workers say they don’t enforce security policies universally and 4% don’t enforce those policies at all due to the hassle involved with managing policies to concerns over workforce productivity.
- Thirty-eight percent of IT workers who do not strictly enforce security policies said their organization’s method for monitoring is not robust, while 29% agreed “it’s just too hard and time consuming to track and enforce” and 28% said “our employees get more done if we just let them manage their own software.”
- One in three IT workers say that strict password requirements at work aren’t worth the hassle.
Enterprise password managers are gaining traction as a solution
- 89% of IT departments using a password manager say it’s had a measurable impact on security at their company.
- IT departments using EPMs report that they save time and frustration for employees (57%), reduce time for IT departments (45%), enhance productivity (37%), reduce breaches/attacks (26%) and create happier employees (26%).
Survey Methodology
1Password conducted this research using an online survey prepared by Method Research and distributed by Dynata among n=1,000 full-time computer/desk-job employees who work in the United States. Half of the respondents work in their company’s IT department (n=501) and half came from any department (n=499). Respondents were ages 18+ and the sample was roughly balanced across age and geographic area. Data was collected from April 15 – April 23, 2020.
Read More:Â A Quick Review on Some of The Biggest Global Fintech Mergers & Acquisitions