- More porn sneaks onto the iPhone
- 'Swatting' case shows need to ban caller-ID spoofing
- Why the iPhone can't be "killed"
- Nortel enterprise chief wants to bring back Bay
- US sets final emergency responder wireless pilot
Unfair policies prompt most employees to break company IT security rules, and that could lead to lost customer data, a Cisco study found.
Cisco this week released a second set of findings from a global study on data leakage. The first part dealt with common employee data leakage risks and the potential impact on the collaborative workforce.
Part two deals with the ‘whys’ of behavior that raises the risk of corporate data leakage. More than half of the employees surveyed admitted that they do not always adhere to corporate security polices.
And when they don’t, it can lead to leakage of sensitive data. Of the IT respondents who dealt with employee policy violations, one in five reported that incidents resulted in lost customer data, according to the Cisco study.
The surveys were conducted of more than 2,000 employees and IT professionals in 10 countries: the United States, the United Kingdom, France, Germany, Italy, Japan, China, India, Australia and Brazil. They were executed by InsightExpress, a U.S.-based market research firm, and commissioned by Cisco.
The study found that the majority of employees believe their companies’ IT security policies are unfair. Indeed, surveyed employees said the top reason for non-compliance is the belief that policies do not align with the reality of what they need to do their jobs, according to Cisco.
The study found that the majority of employees in eight of 10 countries felt their company’s policies were unfair. Only employees in Germany and the United States did not agree.
In Germany, even though the majority of employees felt their companies’ policies were fair, more than half of them said they would break rules to complete their jobs, the study found. Of all the countries, France (84%) has the most employees who admitted defying policies, whether rarely or routinely.
In India, one in 10 employees admitted never or hardly ever abiding by corporate security policies. Overall, the study found that 77% of companies had security policies in place.
But defiance may not be intentional. IT and employees have a disconnect when it comes to policy and adherence awareness, the study found.
IT believes employees defy policies for a variety of reasons, from failing to grasp the magnitude of security risks to apathy; employees say they break them because they do not align with the ability to do their jobs.
The Leader in Network Knowledge
Comments (12)
Correct: Palo Alto Networks firewalls are great!By Anon on October 30, 2008, 8:24 pmI posted earlier and should have mentioned that we use Palo Alto Networks to protect & monitor our Internet access. Palo Alto Networks firewalls work like a charm....
Reply | Read entire comment
Only Palo Alto Networks solves this problem........duh.By Anonymous on October 29, 2008, 2:06 pmGranular control of the usage of these apps will prevent any mis-use and resulting in no data leakage.
Reply | Read entire comment
Get your priorities straight...By wrap2tyt on October 29, 2008, 1:34 pm...and you think it’s unfair because the company will not pay for all of this “stuff” that you want? Maybe instead of complaining about YAHOO and MSN text messaging...
Reply | Read entire comment
You can't be serious...By wrap2tyt on October 29, 2008, 12:33 pm… I beg to differ with you because in my opinion the problem IS the younger “talent” in the work force who believe that somehow because they’ve grown up around technology...
Reply | Read entire comment
...Unfair IT Policies... aawwwBy wrap2tyt on October 29, 2008, 12:01 pmAfter reading some of these responses I’d submit to any of you to walk a day in the shoes, of the people responsible for information security at your company. First,...
Reply | Read entire comment
View all comments