Workers are increasingly concerned about the ability of enterprises to keep them protected as they work from home.
Cisco has released two studies examining how workers feel about the current state of play when it comes to remote work security and data privacy, finding that thousands around the world are increasingly concerned about how their employers are handling the massive societal changes that have occurred over the last six months.
The “Consumer Privacy” report includes findings from a study of responses from more than 2,600 adults in 12 countries across Europe, Asia, and the Americas. The “Global Future of Secure Remote Work” report has insights gleaned from over 3,000 IT decision makers in the Americas, Japan, China, and Europe.
Both reports indicate that remote work is now a permanent part of the new normal, with 62% of respondents telling researchers that more than half of their workplace is working remotely since the onset of the coronavirus pandemic. Despite the massive shift to telecommuting, the vast majority of people who responded to the survey said they did not trust the digital tools they used for work.
Workers and consumers are particularly concerned about the privacy protections built into the tools they use for work and nearly half of all respondents said they do not feel that most businesses can effectively protect their data today. Nearly 80% of that same group said they felt it is too difficult for them to figure out what companies are actually doing with their data.
“Cisco’s latest privacy research highlights that people care deeply about protecting their data, and many have stopped doing business with companies due to data privacy concerns,” said Brad Arkin, senior vice president and chief security and trust officer at Cisco.
SEE: COVID-19 workplace policy (TechRepublic Premium)
While many consumers and workers acknowledge the effects of COVID-19 on life, they still want their information protected and will only support limited exceptions when it comes to giving up their privacy.
More than 80% of respondents said they were either working or learning remotely but had concerns that the information they were sharing was not being protected properly. Just 10% said privacy laws should “take a back seat” to the pandemic when it comes to sharing medical information and other personal data.
Despite that, nearly 60% of survey respondents said they were in support of employers asking for employee health information to protect the wider workforce. But the numbers dipped when people were asked if they supported location tracking or information about people who were infected with COVID-19.
The main concerns expressed in the survey were that their data would be used for things other than their intended purpose, that it would be shared with unapproved third parties, and that their information would not be deleted or anonymized once it is no longer useful.
The studies found that one-third of all consumers are what Cisco calls “Privacy Actives,” who make decisions on what platforms they use based on their data privacy posture. Generally those who are considered “Privacy Actives” were younger and believed a company’s data privacy rules reflected how they viewed their customers.
More than 30% of people deemed “Privacy Actives” have left social media companies over privacy concerns and another 28% have abandoned certain Internet Service Providers over the same concerns. These privacy concerns extended to almost every industry, including retailers, banks, financial institutions, phone providers, and credit card companies.
Almost half of all respondents said they would return to the companies if they addressed their data privacy issues, but nearly a third said it was very likely they would never go back.
Consumers also expect their governments to take proactive measures to protect the data privacy of citizens and respondents living in countries with data privacy laws like the GDPR viewed them positively. According to the survey, 40% of respondents said national governments should play a role in enforcing data privacy rules while 16% said local governments also should play a role, and 20% said private companies had to take responsibility.
Hundreds of respondents hailed from countries with privacy laws like the Federal Privacy Act in Australia, the Lei Geral de Proteção de Dados Pessoais in Brazil, the Personal Information Protection Act in Japan, and the proposed Personal Data Protection Bill in India.
More than half of all respondents said these data privacy laws had a positive impact. Awareness about country-specific data privacy laws varied greatly depending on the region. Globally, younger respondents under the age of 35 were more likely to know about data privacy laws and certain countries had extraordinarily low levels of awareness, like Brazil at 33% and Italy at 39%.
Despite varying levels of awareness about data privacy, almost half of all respondents said they did not feel they knew how to protect their data because they were not sure how companies were using their information. Others felt they were forced to use certain platforms or services and had no choice but to accept that their data was not safe.
“The pandemic has only elevated privacy as a central condition for trust in an environment where governments, businesses and schools have gone virtual,” said Omer Tene, vice president and chief knowledge officer for International Association of Privacy Professionals, in a statement.
The “Global Future of Secure Remote Work” report similarly highlighted the digital safety concerns of IT leaders, who have been thrust into an unprecedented situation with the massive shift to remote work.
Respondents from every region also said the end of working from home was nowhere in sight, with the majority saying their organizations planned to continue remote work for the foreseeable future.
Evidence of the recent deluge of cybersecurity incidents and attacks showed up in the survey responses, with 61% of respondents saying their organizations experienced a jump of 25% or more in cyber threats and alerts since the start of the pandemic.
Nearly 80% of companies in the architecture and engineering industry saw an increase in cyberthreats and alerts while the chemical engineering and manufacturing sector and education sector saw increases as well.
Overall, 96% of organizations of all sizes across the world reported that they had to make changes to their cybersecurity policies to better support the move to remote working. Many of these will be made permanent, survey respondents said, citing specific policy changes made around increased VPN capacity, increased web controls and acceptable use policy as well as the implementation of multifactor authentication.
When it came to priorities, 34% of respondents ranked cybersecurity investment as the top choice but also cited other key investments in network access, cloud security as well as user and device verification.
“Businesses that have made incremental and continuous investments in pre-pandemic technology, such as cloud security solutions and zero trust frameworks, have been the best prepared to support remote work,” the report said.
“Likewise, enhancing cybersecurity measures that support such arrangements, have placed organizations in a better position to face the potential increase in the number and variety of cybersecurity attacks.”