It’s human nature to want to point the finger at someone else when something goes wrong, but even if responsibility rightfully lies elsewhere, that’s an ineffective way to solve a problem. Sure, root cause analysis requires identifying the source of an issue, but all too often, we stop short at the person or group exhibiting the bad behavior, failing to identify the underlying cause of the behavior and appropriately placing the fault there, rather than on the person or group.
That’s key when considering findings of the recent SaaS Data Loss Survey, which polled 2,000 U.S. office workers. The research highlights the damage that workplace “blame cultures” have on the success of cloud adoption. Overall, we found that businesses are losing critical data, such as customer orders and financial and personal data, because office workers are too scared or too embarrassed to report data loss, including ransomware-related loss, when using cloud applications.
To set the stage for what’s to follow, note that the survey found that half (50%) of respondents have accidentally deleted files hosted in the cloud – such as business documents, presentations, and spreadsheets – and as many as 20% do so every day. That’s led to 51% accidentally deleting a file in the cloud who were never able to get it back.
Employees Are Too Embarrassed and Scared to Admit Their Mistakes
The research revealed that nearly half (43%) of respondents lied to cover up the fact they had accidentally deleted data they stored in shared cloud drives. When asked why they had failed to own up to their errors, 31% said that they kept quiet because they were ashamed, 14% because they were frightened of the consequences, and 7% because they have been in trouble with their IT departments before.
Employees are even less forthcoming with ransomware incidents. Just 26% of respondents said they would immediately confess mistakes that introduced ransomware into their organizations. Another 38% said they would either do nothing or pretend it hadn’t happened, and 28% said they would omit their own guilt when reporting the incident.
That’s a problem. There’s often only a short window where businesses can act to minimize the impact of deleting or corrupting the cloud-based data office workers rely on. Leaders need to motivate employees in the right ways to come forward as soon as possible so IT teams can act fast to take remedial action.
The Cloud Gives Office Workers a False Sense of Confidence
The research also highlighted that U.S. employees do not have a clear understanding of how much help the cloud service providers hosting their files would be in the event that their data is lost. In fact, nearly all respondents (92%) thought their cloud provider would be able to restore their files for them, either from a cloud copy, a “deleted items” folder, or a backup. Almost half (47%) thought their “deleted items” would be available to them in the cloud for at least a full day.
Furthermore, almost half (46%) of respondents thought data in the cloud was safer from ransomware because they assumed their cloud providers were protecting it from malware they might accidentally introduce.
This is all based on a fundamentally incorrect assumption that will continue to put businesses at risk until it’s thoroughly debunked. The truth is that, as part of their standard service, most cloud providers provide only a guarantee of resiliency of their service; they do not provide guarantees that a customer, using their service, will have their data protected. In fact, many go as far to have shared-responsibly models in their terms and conditions that make it clear that cloud data protection is the customers’ responsibility. Storing data in the cloud doesn’t automatically make it safe – it still needs strong data protection.
Data Loss Causes Employees to Snap
With today’s culture of shame, data loss is impacting employee wellbeing – in the aforementioned survey, 29% reported using profanity as they lost data, 21% have been reduced to tears, and 17% have lashed out and broken something.
According to the research, losing work-related data or introducing ransomware are two of the most stressful experiences for U.S. office workers – more stressful than a first date, a job interview, or sitting for an exam. As a result, 40% of respondents reportedly attempted to recreate lost documents from memory rather than reporting the loss.
Businesses need to help, not blame, employees when cloud data is lost or encrypted by hackers as a result of employee action. It’s clear from this research that shaming and punishment are not ideal ways to do that. It’s every business’ responsibility to protect their own data, whether in the cloud or stored on their own servers and devices. If they can get that right and make it easy for workers to restore lost files, then they can take the pressure off their employees. Blaming people doesn’t help – backing up your data does.