IT Departments are security risk
According to a July study -- which was released Tuesday by Tokyo-based Trend Micro and based on polls of 1,200 users, 400 each in the U.S., Germany, and Japan -- 39 percent of enterprise workers believed that their company's IT department would keep them safe from viruses, worms, spyware, spam, and phishing and pharming attacks.
"What's so bad about that?" I hear you say...well read on.
That confidence, whether on the mark or misplaced, leads workers to do risky, even stupid, things at work, such as opening questionable e-mail messages or clicking on unknown or suspicious Web site links. when they have an IT department behind them to clean up their mess, the study claims. Out of those who admitted to unsafe surfing, 63 percent acknowledged they took the risk because IT had installed security software on their computers, for instance. Meanwhile, 40 percent of risk-takers admitted they did so because IT was available to provide support if problems occurred, essentially providing a backstop.
The correlation between IT’s presence, workers' security expectations, and riskier behavior shows how important it is for administrators to keep ahead of employee expectations.That may mean even greater security investments than originally planned, or more employee education. IT may need to get in front of the employees more to tell them that they have some responsibility for their actions, too.
"What's so bad about that?" I hear you say...well read on.
That confidence, whether on the mark or misplaced, leads workers to do risky, even stupid, things at work, such as opening questionable e-mail messages or clicking on unknown or suspicious Web site links. when they have an IT department behind them to clean up their mess, the study claims. Out of those who admitted to unsafe surfing, 63 percent acknowledged they took the risk because IT had installed security software on their computers, for instance. Meanwhile, 40 percent of risk-takers admitted they did so because IT was available to provide support if problems occurred, essentially providing a backstop.
The correlation between IT’s presence, workers' security expectations, and riskier behavior shows how important it is for administrators to keep ahead of employee expectations.That may mean even greater security investments than originally planned, or more employee education. IT may need to get in front of the employees more to tell them that they have some responsibility for their actions, too.
posted by Dwaine at 9/16/2005
0 Comments:
Post a Comment
<< Home