IT policies key to maintaining data security
By Asavin Wattanajantra,
The key to improving IT security rests with staff, according to new research released today that revealed companies have to change employee behaviour in order for security issues to be solved.
The findings came from the 2008 Information Security Breaches Survey (ISBS) carried out for the Department for Business, Enterprise & Regulatory Reform (BERR).
The research revealed that the proportion of companies with active IT security policies in place had quadrupled in the last eight years with seven out of ten large businesses now actively enforcing security policy.
It also found that 68 per cent of companies that had a high priority for security now had a security policy in place, an increase from 55 per cent in 2006 when the same survey was conducted.
"What companies are realising is that increasing security awareness is only part of the answer. The critical issue is changing the behaviour of the people," said Chris Potter, partner of PricewaterhouseCoopers LLP, which carried out the survey.
"A 'click' mentality has grown up - users do what expedites their activity rather than what they know they ought to.
"It's a bit like the road speed limit - everyone knows what they ought to do, but only a few actually do it. Only when behaviour changed do businesses realise the benefits of a security-aware culture."
The focus on security policies by business had much to do with the fact that they were putting much more trust in their staff.
The survey said that 54 per cent of UK companies allowed staff to access systems remotely, up from 36 per cent in 2006. The proportion of businesses restricting internet access has nearly halved.
Staff were becoming increasingly targeted by social engineering attacks. Businesses were wary of websites like Facebook and MySpace because of the increasing habit of employees divulging confidential information.
To combat the threat, businesses had increased technical controls, with the use of strong authentication doubling and a Virtual Private Network (VPN) now being almost universal among large businesses for remote access.
You may also like...
Sponsored Links
advertisement
You may also like...
Latest Networking Analysis & Insight
Q&A: Cisco on servers, storage and strategy
We chat with Laurent Blanchard, Cisco's vice president of enterprise, to ask why IT should get excited about what the networking giant can offer.
- It's not about the browser, stupid!
- The Great British network squeeze
- New year: new suppliers
- Top 10 tech winners and losers of 2011
- 2011: The year in news
- UK rural broadband: too little, and too late
- HP PCs back on the menu with Dellish plans
- Top 10 social networking tips for enterprise - part one
- Q&A: Why go via telecoms to the cloud?
Latest Networking Reviews
Swyx SwyxExpress X20 review
Rating: 
- Ipswitch WhatsUp Gold Premium 15
- ForeScout Technologies CounterACT 6.3.4
- ThinPrint Printer Dashboard review: First Look
- TITUS Aware for Microsoft Outlook review
- Windows Phone 7 Mango review: First Look
- Dartware InterMapper review
- Kemp Technologies LoadMaster 3600 review
- Sangfor WANACC M5500 review
- Office 365 review: First look
advertisement
Most popular
- Will someone rid me of these troublesome Macs?
- Head to Head: Mac OS X 10.7 Lion vs Windows 7
- Head to Head: Office 2010 vs Open Office 3.1
- Nokia Lumia 710 review
- Virgin 100Mbps rollout 'ahead of schedule'
- BT considering Ofcom price cap appeal
- A data shock warning for Orange customers
- Cisco announces 40GbE and 100GbE switching upgrades
- T-Mobile announces 'UK's first' fully unlimited deals
- BT announces FTTP 'on demand'
PlayRegister for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
