“Employee negligence and ignorance” is the biggest security flaw in businesses’ technology, according to a recent survey.

That makes sense: even if your information systems are perfectly secured, employees who fail to follow basic security protocols can undo all of that work with one click or missed step. Employees don’t even have to be malicious; they can simply be unaware of information security best practices.

What are the most common ways employees habitually put company systems at risk?

Social media is a major threat, according to 51% of respondents . Workers are often not aware that letting others access their personal accounts is unsafe—and even if they know that it’s risky, many people fail to follow that advice.

The same is true of mobile devices, with about half of respondents saying employees are careless or ignorant about their use .

Key management is another problem area, with nearly one-third of respondents calling this the biggest security flaw in technology . Perhaps unsurprisingly, most people who have trouble keeping track of passwords say the same thing.

A small number of people said they were most concerned about unpatched systems, malware or data leakage . However, these problems didn’t top the list.

The survey had 236 respondents from a variety of IT and security fields in both private and public sectors.

How You Can Avoid Security Breaches

Hire an IT Company,  it is cheaper than the potential risk of a data breach. Having an IT company on your side will help prevent cyber crime, and they can also take the time to train your employees on how to stay safe.