Cybersecurity is a crucial part of any business, but newresearch shows employees are overwhelmingly trying to skirt online precautionsto access blocked websites or services.

One report from Dtex Systems showed 95% percent oforganizations have employees trying to get around security measuresin their workplace.

According to the report, employees were using virtual privatenetworks (VPNs), surfing the web anonymously through browsers, andusing hacking programs like Metasploit, which tests systemvulnerabilities. Many employers put these parameters in place forproductivity reasons, and this research proves employees aregetting smarter about how to bypass these measures.

The Dtex report also finds that security breaches in companiesare largely the result of employees, with 60% of breaches creditedto insiders. Of those insider breaches, 68% are due to neglect, 22%are malicious attacks and 10% are caused by stolen credentials.

One of the alarming insights from these insider breaches has todo with employees storing information on cloud services, anincredibly popular way to save data these days. Sixty-four percentof companies found corporate information publicly available onlinebecause it was sourced from a cloud service. A large number ofemployees, 87%, are using their personal, web-based email accountson company computers and devices, which opens up company data tohackers.

In addition to neglectful online practices, the report foundinappropriate internet use among employees in the workplace. Almost60% of companies surveyed found employees accessing pornographicmaterial during work hours, and 43% found them partaking in onlinegambling.

Another study from Willis Towers Watson, an advisory company,had very similar findings. Its study shows two-thirds of the cyberattacks on companiesresult from employee negligence or malicious activity, and only 18%are the result of external breaches.

When it comes to protecting company information, it is veryimportant to focus on human resource data and applicant trackingdata. This type of information is the focus for many hackers,because selling personal information is lucrative on the blackmarket.

The personal information in HR systems includes Social Securitynumbers, bank information and other data that hackers can sell tosteal identities. And hackers can get a whole crop of thisinformation if they get access to an entire HR database, makingthese very vulnerable places when it comes to companycybersecurity.

Kimberley Smathers, the director of information security and compliance at Jobvite, lays out a few ways to ensure HR data is safe. One thing to askhosting services in charge of HR data is where they host theirdata. If it's in the cloud, an increasingly popular choice, makesure they take other precautions to protect this data.

To ensure these precautions will happen, she suggests asking ifthe hosting service has any certifications. If the provider has acertification, this means an independent auditor verified them ascredible, and that's something a company wants when it comes toensuring security.

These tips are for protecting against larger threats, but asthese various reports show, most security issues come from humannegligence.

HR Dive looked into ways companies can encourage better security habits among itsemployees to avoid phishing and spoofing attacks.

One of the suggestions from cybersecurity expert Michael Overly,partner at Foley & Lardner, is to know how your employees arestoring data. How are people storing, working on and deleting data?Once this is established, IT experts can put in place the correctencryption and security options in place.

Overly also suggests monitoring activity, and noticing ifemployees are logging on at strange times or for prolonged periods,and checking to see what they are working on. Monitoring socialmedia use and software downloads also helps protect company datafrom outside hackers.

BenefitsPro