Close to one in every four (23%) employees have previously had a dispute with IT staff about the importance or frequency of updating their work devices, a new study commissioned by Kaspersky revealed.
Findings show that IT teams tend to agree with such demands and let two-thirds (64%) of staff skip installing updates on certain software or OS at all.
Respondents who argued with IT about updates were asked two questions – whether they were allowed to skip updates (64% said they were) or whether they were allowed to choose what to update (the same 64% chose this option).
Employees may request these options because they are afraid that the time spent updating may affect their productivity. More than half of respondents are actually distracted from work because of updates — 43% take a break from what they were doing and 8% just wait patiently at their desk.
Difficulties don’t end at the installation stage, as 36% of employees agree that learning new versions of software is a waste of time that could be spent doing their job.
Overall, 44% of respondents stated that they are less concerned about updating their work devices than personal ones, suggesting that keeping work devices up to date is an insignificant consideration.
“We recommend employees regularly update their devices – it will not only keep them protected, but each update takes just a few minutes. This short downtime can be used to recharge body and mind without any harm to business processes,” said Elena Molchanova, head of business development at Kaspersky Security Awareness Trainings.
To help IT staff to encourage employees to regularly install updates, Kaspersky recommends preparing instructions or video lessons on how to use the updated software. Provide contacts for people who employees can reach out to in case of any issues.
Also, staff should be informed about the importance of timely updates and what can go wrong with their data and the company’s assets if cybercriminals exploit unpatched security issues.
Employees must be warned employees that if they put off updates for a long time, their devices can install them automatically and restart their devices when they are busy with urgent tasks.
For critical IT or operational technology systems, it is important to always be protected regardless of delayed updates. This means systems should only perform predetermined activity.