Government employee behaviour that could lead to cybersecurity breaches

Denis O’Shea, founder of Mobile Mentor

The balance between data security and employee experience has always been challenging but the pandemic, remote work, and cyber-attacks has taken the importance to a new level.

According to a new study, 44% of government employees use work devices for personal use and 60% use personal devices for work use. Government agencies not only have a BYO device issue, but passwords are not properly secured and Shadow IT is out of control.

What is the Endpoint Ecosystem study?

The Endpoint Ecosystem study examines how employees perceive privacy, productivity, and personal well-being. The study defines the Endpoint Ecosystem as the combination of all the devices, apps and tools plus the experience using that tech. The study presents a look at the tradeoffs between security and employee experience that every employer must face.

“The Endpoint Ecosystem has always been important, but it became a more urgent matter over the last two years when the pandemic forced more people to work remotely, cybersecurity attacks increased, and the Great Resignation forced employers to rethink how they support their employees,” said Denis O’Shea, founder of Mobile Mentor.

“When the ecosystem works well, you have a secure, productive and happy workforce.”

What are the key insights from the Endpoint Ecosystem?

The Endpoint Ecosystem study also highlights the following findings;

Government employees have a password problem

73% use the same password for multiple applications. 21% of government employees write their work passwords in a personal journal, 11% admit to storing their passwords in notes on their phone, and 17% keep work passwords in Excel or Word on a PC.

72% admit to choosing passwords that are easy to remember.

Government has a Shadow IT problem

More than 39% of employees say security policies restrict the way they work and 32% admit to finding ways to work around security policies. Forty-five percent of workers believe they are more efficient using non-work apps like Dropbox and Gmail.

Government workers are largely aware of the gravity of a data breach

Workers are receptive to elevated security training. 51% of government workers believe they will get fired for a data breach while 59% believe their executives should be fired for a privacy breach. 31% know someone who exposed their employer to a data breach.

Security on BYO devices is a major vulnerability

Sixty-four percent of government workers are using personal laptops and 89% are using personal smartphones in a typical work week. However only 25% of government employees are enabled to securely access systems, data, and applications on their personal devices.

The line between work and personal devices is blurred

Forty-four percent of government workers use work devices for personal use, and 60% use personal devices for work. Twenty-four percent of government workers allow their family members to use their work devices for personal usage.

In late 2021, Mobile Mentor commissioned CGK to field the study of 1,500 employees across four high-risk and highly regulated industries: healthcare, finance, education and government.

Employees were located in the U.S and Australia. Each interview consisted of 25 questions to understand how employees are using devices in a post-pandemic world. The goal is to gather data to educate and inform employers how devices in their industries are being used, how to prevent security breaches, and how to best support productive employees.

For the complete report, visit