Veritas Technologies, the global leader in enterprise data protection, today announced the findings of new research highlighting the damage that workplace blame cultures are having on the success of cloud adoption. Veritas found that UK businesses are losing critical data, such as customer orders and financial data, because office workers are too scared or too embarrassed to report data loss or ransomware issues when using cloud applications, such as Microsoft Office 365.
“Businesses need to help, not blame, employees when data is lost or encrypted by hackers as a result of employee action,” said Simon Jelley, general manager of SaaS protection at Veritas. “There’s often a short window where businesses can act to minimise the impact of deleting or corrupting the cloud-based data office workers use. Leaders need to motivate employees to come forward as soon as possible so IT teams can act fast to take remedial action. It’s clear from this research that shaming and punishment are not ideal ways to do that.”
Chief among the findings is that over half (51%) of UK-based office workers have accidentally deleted files hosted in the cloud—such as business documents, presentations and spreadsheets—and as many as 20% do so multiple times per week.
Employees are too embarrassed, scared to admit mistakes
The research, which included 2,000 office workers from the UK, revealed that 43% of employees have lied to cover up the fact they had accidentally deleted data they stored in shared cloud drives. And while 40% said no one noticed their error, in the cases where the accidents were discovered, 17% of respondents reported the data was no longer recoverable.
When asked why they had failed to own up to their errors, 36% of the UK-based respondents said that they kept quiet because they were ashamed, 15% because they were frightened of the consequences and 7% because they have been in trouble with their IT departments before.
Employees are even less forthcoming with ransomware incidents. Just 29% of respondents said they would immediately confess mistakes that introduced ransomware into their organisations. Another 36% said they would either do nothing or pretend it hadn’t happened, and 26% said they would omit their own guilt as they report the incident.
“Employees are increasingly reliant on cloud-based technologies to help them get their work done,” Jelley added. “Today, 39% of office workers store data in cloud folders assigned to them, 24% in folders that sync to the cloud and 18% in cloud folders that they share with their teams. Unfortunately, the more people there are accessing cloud drives, the more opportunities there are for individuals to avoid suspicion or pass the blame. However, without knowing the full details of who caused a ransomware attack, plus how and when, it’s much harder to limit its impact.”
The cloud gives office workers false confidence
The research also highlighted that UK employees do not have a clear understanding of how much help the cloud companies hosting their files would be in the event that their data is lost. In fact, nearly all employees (93%) thought their cloud provider would be able to restore their files for them, either from a cloud copy, their ‘deleted items’ folder or a backup. 16% thought their ‘deleted items’ would be available to them in the cloud for at least a year after the data is lost.
“Almost half (44%) of office workers think data in the cloud is safer from ransomware because they assume their cloud providers are protecting it from malware they might accidentally introduce,” Jelley said. “This is a fundamentally incorrect assumption that will continue to put businesses at risk until it’s thoroughly debunked. The truth is that, as part of their standard service, most cloud providers only provide guarantee of resiliency of their service, they do not provide guarantees that a customer, using their service, will have their data protected. In fact, many go as far to have shared-responsibly models in their terms and conditions, which make it clear that the customer’s data is their responsibility to protect. Storing data in the cloud doesn’t automatically make it safe, it still needs strong data protection.”
Data loss causes employees to snap
With today’s culture of shame, data loss is impacting employee wellbeing—34% of UK-based office workers report using profanity as they lost data, 20% have lashed out and broken something and 23% have been reduced to tears. According to the research, losing work-related data or introducing ransomware are two of the most stressful experiences for office workers—more stressful than a first date, a job interview or sitting for an exam.
“It’s no wonder that office workers are being driven to tears, swearing and lying when they find their files are lost forever,” Jelley concluded. “It seems a huge number of them believe it’s going to be easy to get data back from the company providing their cloud service—in reality, that’s not their job. As a result, 47% of respondents to our survey said they’d accidentally deleted a file in the cloud and were never able to get it back. It’s every business’ responsibility to protect their own data, whether in the cloud or stored on their own devices. If they can get that right and make it easy for workers to restore lost files, then they can take the pressure off their employees. Blaming people doesn’t help—backing up your data however, does.”