We’ve often said, and will no doubt continue to say, that the human element is the hardest one to secure. And with good reason.
Take the concept of communication, for example.
Whether at work or at home, many of us send text messages and emails to friends, family and work colleagues. The vast majority of the time they are totally respectable, or at least appropriate, for the intended audience.
But sometimes things go wrong, and it isn’t always as a result of a hack, a breach or a phishing attempt, sophisticated or otherwise.
No, the human element often throws in a curve ball, just because we are such fallible creatures.
Take, for instance, the findings of a recent OnePoll survey that discovered that Brits (and, by extension, pretty well everyone, presumably) are prone to sending the most inappropriate messages, without any help from the bad guys.
Sex and tea. Forget the crumpets
The poll, which is accompanied by an interesting infographic, makes for some pretty stark reading, debunking the notion that being a nation of tea drinkers somehow makes us boring – sober or otherwise, nigh on 70% of Blighty’s residents regularly send messages to the wrong person (interestingly, only 40% of those polled were receiving messages intended for someone else – so somebody out there must feel like they are being trolled big time!)
OnePoll offers up some pretty humourous examples of misdirected messages including a serial dater looking for “sausage” –
The woman who received a message on a dating website asking if she had been on the site for long and replied – or so she thought – “I’ve been on this for ages, no luck yet though”. It was autocorrected to “I’ve been on this for sausage, no luck yet though”
– and a randy(?) lottery player –
The worker who texted a colleague about the Lottery, meaning to say “I want six all the time”
But it’s not all about sex here in Britain, as the poll of 2,000 discovered.
For some people, the consequences of their loose messaging habits have led to a less satisfying outcome, with 1 in 3 wayward messages leading to a blazing row. And about 10% of incorrect recipient communications have ended with neither party ever speaking to the other again.
Think that sounds pretty bad?
Well, for some it ends up a whole lot worse – one in ten of those polled admitted that the sending of an inappropriate message, risque joke or, erm, revealing pic, to their boss had culminated in the termination of their employment (just ask the ex-head of RBS’ investment Bank).
The survey revealed that people are most likely to send emails to the wrong people via text message, followed by desktop email, smartphone email, tablet email and WhatsApp.
As for who receives all these messages, the survey says co-workers cop the majority, followed by mothers, bosses, sisters and fathers.
A OnePoll spokesman said:
The results of our survey show that it always pays to double-check the message – and the recipient – before pressing ‘send’.
A split-second’s carelessness can cause huge embarrassment and can lead to bust-ups with friends, family or work colleagues.
We live in a fast-moving age but it pays to take a moment to review the message before pressing the button.
But what can we learn from a security perspective?
The obvious take away here is that humans are almost always the weak point in any process. Some of us are stupid, some careless, others are busy or otherwise not fully engaged in what we are doing.
Whatever the reason, mistakes are made, and no security policy is likely to change that. Sure, having rules in place to control who your employees can and cannot send messages to with your company’s assets are useful in terms of focusing minds, and offering a formal avenue for corrective action to be taken as and when deemed necessary.
But that won’t eliminate mistakes, at least not completely.
A BYOD policy may also be useful for much the same reasons as above, but that is just as fallible to human failings too.
The answer, therefore, is to take a different approach.
Building a culture of security within your organisation and ensuring your team has a general level of awareness is likely to be more effective.
And, by highlighting how some of the OnePoll respondents sent messages that derailed their careers, or caused issues in their private lives, the message may have a better chance of sticking in their minds.
After all, who would want to be the sender of this message?
I accidentally sent a text to my boss asking him why he hired the fat ugly old woman, only to find out it was his wife.
And, knowing they had a security-conscious type of boss, none of your employees would want to rely on the following to cover their backsides, would they?
I sent a picture of my boobs to my boss by mistake and then tried to cover up by pretending my email address must have been hacked.