Employees evade and ignore network security policies


NetSecurity
There is a general lack of awareness and enforcement of security policies and procedures in companies today, according to new research announced by the Ponemon Institute - "Trends in Insider Compliance with Data Security Policies: Employees Evade and Ignore Security Policies."

The majority of respondents admit to serious non-compliant workplace behaviors that place their companies at risk. Such behaviors include the insecure use of USB memory sticks, use of Web-based email, sharing passwords, turning off security settings and more.

According to the study, 69 percent of employees surveyed said that they copy confidential or sensitive business information onto USB devices, while only 13 percent of respondents said their companies have a policy that allows this, showing a 48 percent non-compliance rate.

61 percent admitted to copying confidential or sensitive business information onto USB devices, and then transferring the information to another computer that is not part of the corporate network.

More...

Comments