It’s not news that many employees are ignoring security policies. But who’s doing it might surprise you.
That’s right, it’s the IT employees themselves, according to a recent Ponemon survey.
For example, 69% of staffers admitted to copying confidential company data onto portable USB drives, even though 87% said their employer has a policy against it, according to the survey of 967 IT pros.
More than half download personal software to their work computers, which greatly increases the risk of bringing viruses onto the company network. Other unsafe behaviors the IT pros admitted to includes:
- downloading info to unsecured smartphones and other devices (61%)
- sharing passwords (47%), and
- misplacing portable drives and not reporting the loss (43%).
All in all, 57% of those surveyed described their companies’ IT policies as “ineffective.”About said those policies are largely ignored by management and employees throughout the company.
The main problem: a lack of training. More than half (58%) of respondents said their employer doesn’t provide adequate training on how to comply with the rules.