IT policies key to maintaining data security
By Asavin Wattanajantra,
The key to improving IT security rests with staff, according to new research released today that revealed companies have to change employee behaviour in order for security issues to be solved.
The findings came from the 2008 Information Security Breaches Survey (ISBS) carried out for the Department for Business, Enterprise & Regulatory Reform (BERR).
The research revealed that the proportion of companies with active IT security policies in place had quadrupled in the last eight years with seven out of ten large businesses now actively enforcing security policy.
It also found that 68 per cent of companies that had a high priority for security now had a security policy in place, an increase from 55 per cent in 2006 when the same survey was conducted.
"What companies are realising is that increasing security awareness is only part of the answer. The critical issue is changing the behaviour of the people," said Chris Potter, partner of PricewaterhouseCoopers LLP, which carried out the survey.
"A 'click' mentality has grown up - users do what expedites their activity rather than what they know they ought to.
"It's a bit like the road speed limit - everyone knows what they ought to do, but only a few actually do it. Only when behaviour changed do businesses realise the benefits of a security-aware culture."
The focus on security policies by business had much to do with the fact that they were putting much more trust in their staff.
The survey said that 54 per cent of UK companies allowed staff to access systems remotely, up from 36 per cent in 2006. The proportion of businesses restricting internet access has nearly halved.
Staff were becoming increasingly targeted by social engineering attacks. Businesses were wary of websites like Facebook and MySpace because of the increasing habit of employees divulging confidential information.
To combat the threat, businesses had increased technical controls, with the use of strong authentication doubling and a Virtual Private Network (VPN) now being almost universal among large businesses for remote access.
You may also like...
You may also like...
advertisement
Latest Internet Features
Apple vs Google: Tale of the tape
Apple and Google are moving into each other's markets - but who will come out ahead?
- The trials and tribulations of social networking
- Why do people tolerate Twitter frailties?
- Where will quantum computing take us?
- Fear and loathing in the Mariposa aftermath
- What will the coalition do for business and technology?
- The Office/Google Docs war goes real-time with collaboration
- Will Apple live to regret the Adobe affair?
- Has social networking changed the election?
- Q&A: Gerhard Eschelbeck, chief technology officer at Webroot
Latest Internet Reviews
Firefox 4 beta 1 review: First look
advertisement
Most popular
- Government calls mobile broadband spectrum auction
- Sony Ericsson Xperia X10 Mini Pro review
- UK web guru handed key to the internet?
- Samsung Galaxy S review
- 100 million Facebook user info scraped
- HTC Hero to finally get Android 2.1 update
- Top 10 remote desktop applications
- Amazon sets UK Kindle launch date
- Head to Head: Office 2010 vs Open Office 3.1
- Top 10 future trends for mobile phones
Latest News Videos in Internet
Video: Mobile web has moved from hype to reality
PlayClaranet's UK managing director talks to IT PRO about the mobile web and how online infrastructure in the business world is evolving.
Whitepapers
Want more background on today's hottest IT trends?
Visit IT PRO's whitepaper library for more on virtualisation, encryption and other topics.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
