The rapid growth of cloud storage and workplace use of personal devices – "bring your own device," or BYOD – raises new concerns about confidential data being taken out of the workplace. People no longer need to stuff sensitive documents into briefcases, or even load it onto portable flash drives. They need only access the workplace cloud, from home or elsewhere.
But as a recent study commissioned by cloud provider FileTrek suggests, at the heart of this security challenge is not technology, but the ambiguity and outright contradictions of employees' attitudes.
And the contradictions are glaring. Fully 79 percent of employees surveyed in the study said that removing confidential data from the workplace should be a firing offense. (Only incompetence and sexual harrassment rate higher.) Yet these same workers overwhelmingly agree (90 percent) that it happens all the time.
Moreover, in many specific cases they think it is okay to take sensitive data out of the workplace. Nearly half, 48 percent, say it is acceptable "when [the] boss says it's okay to do so." Nearly a third say it is acceptable to remove data in order to finish up work at home, or on vacation.
Really, all of these contradictory results can be boiled down to one: If someone else takes sensitive data home it is a threat to the company and everyone's livelihood, including ours. But when we take data home, it is for a good reason, or at least harmless.