If you’re tired of changing passwords and being hyper-vigilant when clicking on emails, you’re not alone.  IT security fatigue is real. 

A new study from the National Institute of Standards and Technology (NIST) found that a majority of the typical computer users they interviewed experienced security fatigue.  This often leads users to risky computing behavior at work and in their personal lives.

NIST defines security fatigue as “a weariness or reluctance to deal with computer security."  As one of the study’s research subjects said about computer security, “I don’t pay any attention to those things anymore…People get weary from being bombarded by ‘watch out for this or watch out for that.’”

IT Security Can Be Frustrating

What about you?  Do you get frustrated trying to come up with a new “strong” password over and over again?  Have you ever just given up on an online order because you didn’t feel like creating a new account with yet another password?

Emails are another source of frustration.  It seems like every day there’s a new threat to consider.  You can’t even always trust emails from a familiar email address because hackers are so skilled at tricking you. 

Security Fatigue Causes Risks

Unfortunately, security fatigue causes risks.  Hackers are counting on us to be careless.  As the saying goes in IT security, “Hackers only need to get it right once.  We need to get it right every time.”  

“The finding that the general public is suffering from security fatigue is important because it has implications in the workplace and in people’s everyday life,” cognitive psychologist and co-author Brian Stanton said. “It is critical because so many people bank online, and since health care and other valuable information is being moved to the internet.”

“If people can’t use security, they are not going to, and then we and our nation won’t be secure,” Stanton said.

What to Do

The reality is the weakest link in any IT security program is each of us at the keyboard.  So, we need to fight the urge to be careless.   Always follow your company’s data security guidelines to protect yourself and your organization.

IT security experts are working to help users ease security fatigue and maintain secure online habits and behavior.  In the meantime, know that you’re not alone when you get aggravated by changing that password yet again.   

If you’re considering outsourcing your business IT, contact CRU Solutions.