Third of Australians are self-sabotaging their online security at home: SailPoint


The most common personal activities employees with a work device use that device for are:

  • check personal email (60%)
  • do online shopping (39%)
  • check the news (37%)
  • go on social media (35%)

As many as 32% of Aussies have shared work passwords with a partner or family member. This increases the risk of passwords falling into the wrong hands, opening up the doors to sensitive business information. This is especially true as we tend to share multiple passwords across work and personal accounts.

The global study also found that we are using a multitude of devices to get our work done remotely, creating a massive headache for IT departments everywhere.

Since the start of the pandemic,

  • 48% of Aussies have used work computers to enable remote working
  • 32% of Aussies have used own computers to enable remote working
  • 8% of Aussies have used family/ partner / friends’ computers to enable remote working

This can cause problems if you’ve logged into work documents, accessed client information and saved the details via a password manager. It’s so easy to click the button when prompted to “save password in keychain” for your online shopping and social media accounts. Potentially, anyone with access to the device has access to your logins. A worry for bosses as our own laptops may not have the latest security protection in place.

This would be OK if we changed our passwords regularly. But we don’t. Humans are the first line of defence to online attackers and one of the simplest things we can do is choose a secure password and change it regularly. But only 21% of Aussies have changed work passwords within the last month. 42% haven’t changed their passwords in over 6 months. Staggeringly, some of us aren’t actually authorised to do so (8%) or the computer isn’t password protected in the first place (3%). These are some of the most basic steps people and businesses can take to keeping cyber thieves at bay.

Gone Phishing

As the number of hours we spend online has sharply increased, so has the number of phishing attacks. Scammers have taken full advantage of our increased reliance on remote technologies for work, including use of personal mobile phones for work matters and work devices for things like online shopping. For example:

  • Over half of Aussies (56%) have been inundated by phishing attacks over the past six months, and
  • 12% said they are being targeted at least once a week.

It’s not just via email, it’s through texts to our personal phones and calls to our work numbers, among other things. The sheer volume of online messages we are receiving and sending on a daily basis, coupled with the blur between work and home life, can expose us to these threats. Will you notice a misspelled link in an email? Or opt to re-set your account details on one of the popular ecommerce sites?

Who’s in your cyber bubble?

SailPoint is calling on employees and businesses to think about the composition of their respective cyber bubbles, not just their family and friend bubbles. Every time we surf the web using an unsecure WiFi connection, we risk coming too close to malicious cybercriminals for comfort.

Over a third 39% of us use unsecure public WiFi when working, and 43% use unsecure connections when surfing the web for personal needs, creating a large cyber bubble comprised of complete strangers. Generation Z and the tail end of millennials (those aged 18-24) are much more carefree about their digital safety, with almost half (46%) admitting to sharing their passwords and compromising their cyber bubbles in other ways.


“The degree of poor cyber hygiene in Australia should be cause for alarm. We would never let a stranger walk into our home or office, so why should our IT networks be the same? Although motivations for poor cyber hygiene are seldom malicious, the risks to individuals and businesses posed by unsecured WIFI networks and poor password management are huge,” said Terry Burgess VP APAC at SailPoint. “It is absolutely critical that businesses address the issue now through improved cybersecurity defences and training. We must address the human factor through predictive AI-enabled identity security technology if the increased risk of cyberattacks and data leaks is to be properly addressed. If we don’t act now the damage to businesses down the line could be irreparable.”

Read the full SailPoint report The Cybersecurity Pandora’s Box of Remote Work.

About the survey

A statistically representative consumer survey was conducted by OnePoll / 72Point across Australia (1,000 respondents).