• 61 percent download data onto unsecured mobile devices
• 47 percent share passwords
• 43 percent lose data-bearing devices
• 21 percent turn off their mobile devices’ security tools
• 52 percent use Web-based personal e-mail in the office
• 53 percent download Internet software onto the organization’s devices
• 31 percent engage in online social networking while in the workplace
So, in Dave Letterman style, here are the top 10 bad security behaviors as identified by Insight Express:
Did it ever occur to you that you, Mr. or Ms. CFO, your executive team, and your employees are the biggest security threat to your organization’s data? The latest study from Ponemon Institute, Traverse City, MI, the parent institution of the Responsible Information Management (RIM) Council, identifies a number of common behaviors that jeopardize the organization’s data, confirming previous studies by others.
The Ponemon research confirms what an earlier global study done by Insight Express and funded by Cisco found: After two decades of talking about bolstering security education and training, bad security behavior remains pervasive. The researchers concluded that more and different education of workers is required to impact their behavior. This, the researchers argued, should be the first line of defense rather than throwing more security technology at the issue.
And the primary culprits are the organization’s own employees. The study, sponsored by IronKey, a secure USB flash drive vendor, suggests that it is mainly insiders, typically employees, who are putting corporate data at risk by routinely and knowingly violating a variety of policies. They aren’t being malicious or malevolent; usually they are simply trying to do their work in the easiest and fastest way.
1. Changing security settings on computers
2. Use of unauthorized applications
3. Unauthorized network/facility access
4. Sharing sensitive corporate information
5. Sharing corporate devices
6. Blurring of work and personal devices, communications
7. Unprotected devices, computers left logged on and/or unlocked
8. Storing log-ins and passwords on the computer or in obvious places
9. Losing portable devices containing data
10. Allowing unsupervised roaming around offices by non-employees
Specifically, the researchers found that:
These findings, the researchers point out, not only highlight shortcomings in security best practices but also reflect the continued blurring of work and personal lifestyles.
The concern comes at a time when the threats are growing due to everything from the proliferation of unmanaged portable devices to the growth of social networking. However Big Fat Finance, the biggest security threats are not exotic software viruses or ingenious new attacks against the organization’s servers, storage, and networks. Rather, the biggest threats result from mundane human behavior, such as voluntarily sharing information with someone outside the organization or using an unsecured personal device, such as a cell phone or PDA, for business information.
How many of these behaviors have you personally exhibited? You can bet your staff does them all and more. Especially today, with workers pressured to do more with less, they will cut every corner they can. When that happens, security suffers. ###
http://coachfactorystore-bag.weebly.com
0 comments:
Post a Comment