Press releases

SMB Employees Admit to Getting Lazy With Cyber Security

Avast research finds over a quarter of SMB workers admit to being more lax with security whilst working from home. But SMB employers share the blame as only 57% of employees have been given adequate security training

Avast research finds over a quarter of SMB workers admit to being more lax with security whilst working from home. But SMB employers share the blame as only 57% of employees have been given adequate security training


London, United Kingdom, December 15, 2021 — The Mobile Workforce Report 2021 from Avast (LSE:AVST), a global leader in digital security and privacy, has found that over a quarter of employees (27%) in UK SMBs admit to being more lax with IT security whilst working from home. A further 24% has intentionally circumvented IT security guidance in order to get their job done. 

When asked about specifics, 5% of workers admitted to sending sensitive data to a colleague, vendor or customer through channels that are not approved by their company’s IT team. A further 16% have taken sensitive business calls whilst family members were in the same room; and 19% have left sensitive business documents lying open on their desk where family members can see. Even more worrying, 5% of SMB employees said their home network had been a victim of a cyber attack during the pandemic.

“Employees who lack cyber smarts are unknowingly putting their business and its customers at risk,” commented Marc Botham, VP Worldwide Channel & Alliances at Avast. “Part of empowering employees to be productive and successful in their jobs is giving them the knowledge to do their jobs securely. In providing good cyber security education for teams, SMBs can give employees the digital freedom to do their jobs without concern, something that ultimately results in better successes for the business.”

But the blame for these security bad habits doesn’t just lie with employees, as only 64% of workers say their company provided IT security guidelines for working from home and 58% were provided with guidelines for dealing with company secrets – pointing to potential gaps in security knowledge. 

In fact, only 57% of SMB employees had been provided with what they felt was adequate IT security training for working from home. When asked, over half (56%) of IT Decision Makers (ITDMs) agreed that keeping employees educated about cyber risks and how to avoid them while they are working from home was difficult. Further, just 32% of ITDMs worked for companies where new guidelines had been set up for employees to protect business confidentiality while working from home. Given these results, it’s unsurprising that 43% of ITDMs believe their company is unprepared to deal with security threats. 

The research was conducted in July 2021 by Dynata. It surveyed 500 IT Decision Makers in the UK and 500 in Germany, as well as 1000 SMB workers in the UK and 1000 in Germany  (company size: up to 300 employees).