1. Copying confidential information onto a USB memory stick: Eighty-seven percent of respondents believe their company’s policy forbids it, yet 51 percent say they do it anyway.
2. Accessing web-based e-mail accounts from a workplace computer: Forty-five percent of those surveyed use webmail at work; 74 percent say there is no stated policy that forbids it.
3. Losing a portable data-bearing device: Thirty-nine percent of respondents say they have lost or misplaced such a device, and 72 percent of them did not report the lost device immediately.
4. Downloading personal software onto a company computer: Sixty percent of respondents say there is no stated policy that forbids downloading personal software, a practice that 45 percent of respondents admit to.
5. Sending workplace documents as an attachment in e-mail: Thirty-three percent of respondents send work documents as attachments, and 48 percent aren’t even sure whether or not that violates policy.
6. Disabling security and firewall settings: Eighty percent of those surveyed don’t know whether disabling security is against policy; 17 percent of respondents do it.
7. Sharing passwords with co-workers: Sixty-seven percent say the company’s policy forbids sharing passwords, but 46 percent of them do it anyway.