A recent survey by Harris Interactive for security software provider FileTrek has some discouraging findings regarding American attitudes about confidential information in the workplace. Here are the particulars:
Although most adults (79%) agree that taking confidential files outside the office is grounds for termination, a majority of Americans (90%) nevertheless believe people remove confidential documents from the workplace. Most adults surveyed said that if they were going to risk taking confidential documents, they would use a USB drive (55%).
Not surprisingly, the study also found a “generational gap” in attitudes about confidential information in the workplace. While a solid majority (68%) of the so-called Millennial generation (those between the ages of 18-34) believe it is acceptable to remove confidential files out of the office, only 50% of the 55+ age group believe the same. In addition, adults 55 and older are more likely to believe someone should be fired for taking confidential information than their younger counterparts (86% vs. 74% of those ages 18-54).
Though 40% of adults surveyed said it is never acceptable to remove confidential company information out of the office, the report found there are circumstances for which they believe it is acceptable:
- 48% – when boss says it’s okay to do so;
- 32% – to finish a late night project from home instead of having to stay at the office;
- 30% – to work over the weekend or while on vacation;
- 16% – when it is confidential information about themselves;
- 2% – when it can be brought back to the office before the boss knows it was gone;
- 2% – to show something to family or friends who promise to keep it confidential (my personal favorite).
FileTrek’s CEO, Dale Quayle, interprets the survey’s results to mean that “[t]oday’s workforce believes information is an asset to be shared, and while companies have benefited from this collaborative attitude with new technologies and increased productivity, there are risks too.”
The takeaway? Employers need to be prepared to address these attitudes with better education and training to make sure that employees fully understand the importance of preserving the confidentiality of trade secrets and other proprietary data. As I wrote a couple of months ago, building and reinforcing a culture of security is the first and most important step. And unfortunately, if the message does not get through, they may need to be prepared to use litigation to protect themselves. (Thanks to Jon Hyman’s excellent Ohio Employers Law Blog, which had a post about the study this month).