Business Technology

Sunday 22 September 2019

Workers using dark web in the office 'pose extra security risks'

Hidden dangers: Staff accessing the dark web at work leaves company servers vulnerable, warns David Keating of DataSolutions
Hidden dangers: Staff accessing the dark web at work leaves company servers vulnerable, warns David Keating of DataSolutions

Shawn Pogatchnik

One in five Irish office workers admit they spend more than an hour each work day using company devices for online personal matters - including access to 'dark web' sites that increase employers' exposure to cyber attacks, according to IT security firm DataSolutions.

Its survey, published today, conducted by Censuswide among 500 office workers in May, found that potentially risky online activities were most common among 'Gen Z' workers aged 16 to 23, some 22pc of whom admitted they used work equipment to log on to sites and services that shield users' and operators' IDs.

Such dark web activities - so-called because the sites in question do not operate openly, do not appear in search engine results and encourage anonymity - pose a particular danger for company IT managers, according to David Keating, group security director at DataSolutions.

"If employees are engaging in personal activities at work, and perhaps interacting with insecure websites or entering confidential information, then company servers could be more susceptible to cyber attacks," Mr Keating said.

The survey found 20pc of staff admitted spending more than an hour a day using internet-connected work equipment to pursue personal matters, from browsing the web and social media to planning holidays. But such behaviour was more pronounced among younger workers, with 39pc of Gen Z staff saying they did this, 26pc of millennials aged 24 to 37, and 10pc of those aged 38 or over.

More than half said a manager had caught them pursuing personal online activity, but just 10pc faced a warning or disciplinary action, while 42pc said their boss did not care.

"The real question is whether employers are fully aware of what employees are doing on work devices and whether safeguards are in place to protect the organisation," Mr Keating said. "It's not about banning personal activities altogether. It's about being aware of potential weak spots and introducing technologies that help to protect work systems and data.

"Not only information and infrastructure are potentially at risk here; it's the company's reputation and customer base."

The Secure Computing Forum, a joint venture of DataSolutions and Independent News & Media Group Limited to promote cybersecurity, takes place on September 12 at the RDS in Dublin. Find tickets and information at securecomputingforum.ie

Indo Business

Also in Business