Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Employees ignore IT security: survey

Ross O. Storey | Aug. 6, 2010
Research finds need for more user awareness and better application control

SINGAPORE, 6 AUGUST 2010 - New global research has found that most IT security administrators believe social networking, Internet applications and widgets have significantly lowered the security posture of their organisation.

The research, by Check Point Software and the Ponemon Institute, revealed that up to 82 per cent of IT security administrators felt this way. It found that employees rarely or never consider corporate security threats in their everyday business communications.

The report concluded that education and awareness is needed to help end-users realise their important role in maintaining the organisation's security profile.

The research was based on a survey of 2100 IT security administrators in the US, UK, France, Japan and Australia. It represents organisations from small and medium businesses to large enterprisesand across 12 different industries, including financial, industrial, government, retail, healthcare and education.

The survey found that employees largely ignored IT security when downloading Internet applications, Web browsing, opening links, video streaming, utilising peer-to-peer (P2P) file sharing sites and engaging in social networking outlets.

Top concerns

Respondents cited viruses, malware and data loss as the top Web 2.0 concerns.

"Our research finds security can be seen as an afterthought for corporate users of Web 2.0 applications; the growing number and sophistication of security threats, coupled with the proliferation of online and easily downloadable tools, is exacerbating the challenges of protecting sensitive information," said Ponemon Institute chairman and founder Dr. Larry Ponemon.

"While this is an issue that must be addressed through strategic investment in technology and awareness, our research also shows that most IT administrators do not believe their organisations have sufficient resources dedicated to securing critical Web applications."

Additional key findings from the survey were that nearly half the survey respondents place a high sense of urgency on minimising security risks associated with Internet applications and widgets.

Employees should be responsible

The majority of respondents believe employees should be held most responsible for mitigating Web 2.0 security risks in the enterprise.

The most common problems relating to using new Internet applications in the workplace were workplace productivity, malware and data loss.

"The survey data shows that organisations recognise the issues with Web 2.0 use in the enterprise and, fortunately, are making it a high priority, said Check Point Software Technologies head of global marketing, Juliette Sultan.

"It's clear that IT security administrators are concerned about the impact of Web 2.0 applications in the enterprise, but they also need better tools to understand which applications employees are using for business purposes.

Implementing a flexible solution that factors in specific group or individual needs provides the bridge between users and IT administrators, and ultimately encourages employees to be more cautious when Web browsing, taking into account corporate security policies, Sultan said.


Sign up for Computerworld eNewsletters.