20% of workers don’t follow company security policies all the time
IT personnel burn a full month of work (21 days) managing Identity and Access Management (IAM) each year on mundane tasks such as resetting passwords and tracking app usage. According to a new survey from 1Password, IAM continues to be a significant productivity bog for IT and employees alike, with 57 percent of IT workers resetting employee passwords up to five times per week—and 15 percent doing so at least 21 times per week. 1Password’s wide-ranging survey also explored behavior around Shadow IT in the work from home era as well as the power of EPM to achieve security, productivity and convenience for enterprises.
“The Shadow IT picture is more complicated than many think,” said Jeff Shiner, chief executive officer, 1Password. “Most of us follow the rules, but a small group of employees trying to get more done circumvent policies and create openings for credential attacks. They’re sometimes enabled by IT workers who empathize with their pursuit of productivity..”
IAM is a significant burden—and today’s tools fall short
1Password’s research found that 14 percent of IT workers are consumed with IAM, spending at least an hour per day on routine IAM tasks. It’s no surprise that IT workers are disillusioned with their tools: just 48 percent of IT workers say the majority of IAM products bring value to the company—and 13 percent say less than 10 percent of their IAM products deliver.
Shadow IT: Led by a small group of productivity-minded employees
IAM is often used to detect unauthorized use of software—Shadow IT—and 1Password’s survey revealed that it’s largely successful. Four in five workers report always following their company’s IT policy, meaning that just 20 percent of workers are driving all Shadow IT activity in the enterprise. These employees don’t act out of malice but rather a drive to get more done, with 49 percent citing productivity as their top reason for circumventing IT’s rules.
Employees who break their company’s IT policy tend to be:
Lack of tools amid the relentless quest for productivity
IT workers cited lack of suitable technology resources and concern for employee effectiveness as the reason nearly one in three IT workers are not fully enforcing security policies.