Staff ignore data security, surveys say
By Miya Knights,
Both corporate and IT staff are paying little regard to their data security responsibilities, according to two separate surveys.
A staggering 98 per cent of UK office workers told one they don’t the protection of corporate electronic data as their responsibility, while another published today found a third of IT workers have no qualms about peeking at confidential data.
Out of 1,000 UK office workers, half felt responsibility for corporate data security sits with the organisation. A quarter thought it was their boss’s responsibility and the remainder believed it rests with the IT manager, according to the survey carried out by McAfee Data Protection.
Chris Smith, UK managing director of McAfee Data Protection, said the research showed more work was needed “to ensure that all employees understand that they have a role to play in securing data and reinforce this on a regular basis”.
But, the survey’s closer look at the attitudes of IT managers did also reveal nine out of 10 participating in a further qualitative survey saw it as their responsibility to protect data. A further 80 per cent had tightened their security policies, with 40 per cent receiving increases in their security budgets and 70 per cent prioritising security over other IT issues.
By contrast, the results of another survey of 300 senior IT professionals revealed that IT workers could be just as susceptible to lax attitudes to security as their corporate counterparts.
Digital security specialist, Cyber-Ark said one third of those it questioned admitted to using their privileged rights to access information that is confidential or sensitive by using administrative passwords. And a further 47 per cent said the information accessed was not relevant to their role.
Half of IT administrators did not have to get authorisation to access privileged accounts. And only 30 per cent change privileged passwords every quarter, while nine per cent never get changed, giving access indefinitely to all those who know the passwords, even when they’ve left the organisation.
Mark Fullbrook, Cyber-Ark UK director, said: “For most people, administrative passwords are a seemingly innocuous tool used by the IT department to update or amend systems. To those ‘in the know’ they are the keys to the kingdom and if unprotected or fall into the wrong hands wield a great deal of power.”
Related Tags
advertisement
Latest Management Features
The state of the green IT economy
Will the recession be enough to finally drive the UK to consider green IT?
- Microsoft: One year under Steve Ballmer
- BPM emerges as key downturn tech
- Can Google or Microsoft get any bigger?
- Focus on... Flexible working
- Top business features in Windows 7
- Can security concerns kill cloud computing?
- IBM, Sun and OpenOffice.org
- Tech's most interesting companies
- Tech startups not doomed by recession
Latest Management Reviews
Diskeeper 2009 Server/Administrator review
Rating: 
advertisement
Latest News Videos in Management
Video: Pat Sueltz, part two
PlayPat Sueltz, chief executive of LogLogic, talks about accessibility, risk management and role models.
Whitepapers
Want more background on today's hottest IT trends?
Visit IT PRO's whitepaper library for more on virtualisation, encryption and other topics.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
Social Bookmark this article: What is this?