For years, the idea of ‘digital employee experience’ (DEX) has been filed under HR priorities – an issue of productivity and satisfaction (and by extension, retention). But a new wave of research is pushing organisations to change this: because DEX is also a live security concern.
When workplace tech frustrates or slows people down, they find ways around it. And those workarounds expand the attack surface faster than security teams can contain it.
Ivanti’s 2025 Digital Employee Experience report found that technology interruptions cost an average organisation of 2,000 employees around USD $4 million each year in lost productivity. That’s a financial issue, of course; but it also points to security vulnerabilities.
The same study reported that:
Those numbers matter because they map directly to shadow IT, unmanaged endpoints, and blind spots in monitoring. Employees aren’t (usually) malicious; they’re trying to be productive. But friction in official tools and support channels pushes them into insecure territory.
We could focus on tech stacks here – on fixing the problems that cause those tech interruptions. But if we go deeper, this is about culture. When we interviewed Michael Montoya (CISO at Equinix) he put the value of employee experience like this:
“To ensure a seamless security experience, the key is integrating technology and training for non-security employees that effortlessly align with their daily workflow, without friction.”
“Security becomes seamlessly designed into the business processes or workflow in the same way you don’t think about the airbags in your car – they have an unobtrusive yet crucial role in ensuring your safety.”
Montoya’s emphasis on culture and alignment echoes the Ivanti report’s warning: security teams can’t treat DEX as someone else’s problem. Poor workflows and fragmented tools create precisely the behaviours (like bypassing controls) that increase risk.
The DEX challenge is not confined to one geography. A 2025 workplace trend report from DLL suggests that hybrid work has made digital friction more visible. Tech must enable people to collaborate seamlessly across locations – otherwise frustration builds and productivity falls.
Meanwhile, another 2025 report from Ivanti – this one about technology at work – shows that return-to-office mandates often clash with employee expectations for flexibility; and that perceived inflexibility harms trust in leadership, as well as having a negative impact on motivation.
The common thread is that when people feel forced into workflows that don’t support them, engagement drops. And disengaged workers are more likely to cut corners.
One of the most noteworthy Ivanti findings is that 74% of IT professionals report tool overlaps, but 63% say consolidation isn’t a priority. On top of that, only 32% use unified endpoint management.
That level of fragmentation creates visibility gaps. If your team doesn’t know what devices are connected, what apps are being used, or where performance bottlenecks occur, it’s just not possible to reliably monitor for compromised tech.
The good news is that solutions do exist. The report also highlights where organisations can take immediate, tangible steps. For example, around 40% of organisations haven’t automated password resets, even though repetitive requests still dominate help desks.
Automating low-value IT tasks reduces cost and frees up staff – and it also reduces the chance that frustrated employees will try risky workarounds when they can’t get fast support.
People will always find a way to do their jobs. If official tools and processes make that harder, they’ll find alternatives. From a security perspective, every moment of digital friction is therefore a point of risk.
Organisations need to focus their response on bringing culture, process, and design together to make it easier for people to do their jobs – without having to bypass security controls or tech processes. As Montoya said in that interview,
“CULTURE, CULTURE, CULTURE. The statement that culture eats strategy for breakfast remains tested and true.
“CULTURE, CULTURE, CULTURE. … transforming mindsets and encouraging everyone to contribute to enterprise safety.”
“...it's about transforming mindsets and encouraging everyone to contribute to enterprise safety.”
That means:
Digital employee experience has become part of the security perimeter. Neglect it, and you create fertile ground for shadow IT, unsafe practices, and disengaged teams. Prioritise it, and you strengthen your organisation’s resilience.
Join the newsletter to receive the latest updates in your inbox.
In 2025, cybersecurity funding is flowing to startups that prove real market need, build diverse resilient teams, and show defensible tech. Here’s how founders can win investor confidence in a tougher climate.
Read More
Global cybersecurity funding is cooling, but still resilient. Investors in 2025 are backing late-stage, proven platforms in AI-driven defence, identity, CTEM and security validation – and turning away from hype.
Read More
AI delivers fast ROI in security – fewer breaches, faster response, lower risk. See where investors should focus in the AI-driven cyber market.
Read More