Newsletter
Subscribe
Subscribe

Nearly a third of office workers admit to trying to gain access to a colleague's device

Cybersecurity

Nearly a third of office workers (30%) admit to having tried to gain access to a colleague’s device without their permission in the last 12 months.

New research also found that 35% of employees have actively sought out private information about a colleague, client, or customer, such as their age, salary, CV or home address, from a work computer system.

The survey of 1,000 office workers based in Ireland was carried out by Censuswide on behalf of IT.ie and cybersecurity firm SonicWall.

The findings were contained in their ‘Cyberpulse Ireland 2025’ report, which explores the cyberthreat landscape in Ireland as a direct result of the behaviours of employees.

The survey also showed that a cohort of office workers may see themselves as internet sleuths, possibly influenced by viral online videos featuring content creators who try to outsmart online scammers. 

Business Bulletin

Almost two-in-five (38%) have engaged with a scammer – intentionally or unintentionally at work in the last 12 months, while one in four have sent an angry response to someone who they presumed to be a scammer.

Furthermore, 17% say they have either duped or attempted to dupe an online scammer.

Concerningly, 17% have engaged with a scammer to try to convince them not to target the business – an approach that still carries significant risk.

Eamon Gallagher, Founder and Managing Director, IT.ie, said: “The report highlights some troubling behaviours among office workers that have the potential to expose businesses to considerable risk.

"While some employees, particularly from the younger cohort, attempt to challenge, outsmart, or reason with scammers, cybercriminals will often capitalise on their efforts, using manipulation tactics that leave the organisation more vulnerable to compromise.

“This behaviour is similar to that of those who attempt to gain access to their colleague’s device or are seeking out their personal information.

"While their actions may not always stem from malicious intent, it does represent a breakdown in boundaries and data responsibility.

“While these findings may raise concerns, they ultimately represent a valuable opportunity for businesses.

"By investing in employee training and onboarding, strengthening internal policies, implementing more robust access controls, and creating better cybersecurity awareness, organisations can address these vulnerabilities head-on.

"At the end of the day, a company’s cybersecurity is only as strong as its least prepared employee.”

Stuart Taylor, Senior Director of Regional Sales for Northern Europe, SonicWall, said: “These findings are a stark reminder that the greatest risks often come from within the organisation, not intentionally, but through curiosity, complacency, or even misplaced confidence.

office workers
(L-R) Eamon Gallagher, Founder and Managing Director, IT.ie and Tristan Basteup, Channel Director UK & Ireland, SonicWall

“Every click and every login matters. That’s why businesses need layered security that combines zero-trust principles, strong access controls, and continuous user education. Technology alone isn’t enough; it has to work hand-in-hand with clear policies and a culture of accountability.

He added: "When employees understand the ‘why’ behind security and organisations enforce the ‘how’ through smart solutions, you close the gaps that attackers are so quick to exploit.”

Sign up to The Business Plus Panel to help shape the business decisions of tomorrow and win vouchers for your opinions! 
chevron-down linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram