New research shows human error, embarrassment and ransomware combine to undermine the benefits of cloud adoption
Veritas Technologies, the global leader in enterprise data protection, today announced the findings of new research highlighting the damage that workplace blame cultures are having on the success of cloud adoption. Veritas found that businesses are losing critical data, such as customer orders and financial data, because office workers are too scared or too embarrassed to report data loss or ransomware issues when using cloud applications, such as Microsoft Office 365.
“Businesses need to help, not blame, employees when data is lost or encrypted by hackers as a result of employee action,” said Pete Murray, Managing Director, ANZ, Veritas. “There’s often a short window where businesses can act to minimise the impact of deleting or corrupting the cloud-based data. Leaders need to motivate employees to come forward as soon as possible so IT teams can take remedial action quickly. It’s clear from this research that shaming and punishment are not ideal ways to do that.”
Chief among the findings is that half (50%) of office workers have accidentally deleted files hosted in the cloud—such as business documents, presentations and spreadsheets—and as many as 14% do so multiple times per week. The additional findings are:
Employees are too embarrassed, scared to admit mistakes
The research revealed that almost a third (28%) of employees lied to cover up the fact they had accidentally deleted data they stored in shared cloud drives. And while 42% said no one noticed their error, in the cases where the accidents were discovered, 18% of respondents reported the data was no longer recoverable.
When asked why they had failed to own up to their errors, 26% of respondents said that they kept quiet because they were ashamed, 18% because they were frightened of the consequences and 3% because they have been in trouble with their IT departments before.
Employees are even less forthcoming with ransomware incidents. Just 31% of respondents said they would immediately confess mistakes that introduced ransomware into their organisations. Another 30% said they would either do nothing or pretend it hadn’t happened, and 30% said they would omit their own guilt as they report the incident.
“Employees are increasingly reliant on cloud-based technologies to get their work done,” Murray added. “Today, 37% of office workers store data in cloud folders assigned to them, 25% in folders that sync to the cloud and 21% in cloud folders that they share with their teams. Unfortunately, with more people accessing cloud drives, the more opportunities there are for individuals to avoid suspicion or pass the blame. However, without knowing the full details of who caused a ransomware attack, plus how and when, it’s much harder to limit its impact.”
The cloud gives office workers false confidence
The research also highlighted that employee do not have a clear understanding of how much help the cloud companies hosting their files would be in the event that their data is lost. In fact, nearly all employees (92%) thought their cloud provider would be able to restore their files for them, either from a cloud copy, their ‘deleted items’ folder or a backup. 13% thought their ‘deleted items’ would be available to them in the cloud for at least a year after the data is lost.
“Almost half (43%) of office workers think data in the cloud is safer from ransomware because they assume their cloud providers are protecting it from malware they might accidentally introduce,” Murray said. “This is a misconception that will continue to put businesses at risk until it’s thoroughly debunked.
The truth is that, as part of their standard service, most cloud providers only provide guarantee of resiliency of their service, they do not provide guarantees that a customer, using their service, will have their data protected. In fact, many go as far to have shared-responsibly models in their terms and conditions, which make it clear that the customer’s data is their responsibility to protect. Storing data in the cloud doesn’t automatically make it safe, it still requires strong data protection.”
With today’s culture of shame, data loss is impacting employee wellbeing—29% of office workers report using profanity as they lost data, 11% have lashed out and broken something and 16% have been reduced to tears. According to the research, losing work-related data or introducing ransomware are two of the most stressful experiences for office workers—more stressful than a first date, a job interview or sitting for an exam.
“It’s no surprise that office workers are being driven to tears, swearing and lying when they find their files are lost forever,” Murray concluded. “While many of them believe it’s going to be easy to get data back from the company providing their cloud service—in reality, that’s not their job. As a result, 51% of respondents to our survey said they’d accidentally deleted a file in the cloud and were never able to get it back.
It’s every business’ responsibility to protect their own data, whether in the cloud or stored on their own devices. If they can get that right and make it easy for workers to restore lost files, then they can take the pressure off their employees. Blaming people doesn’t help—backing up your data however, does.”