Report: Employees bypass security policies to do jobs

Tuesday, April 13, 2010 @ 07:04 PM gHale

Security policies work, however, there is a catch: You have to use them.

Workers now admit to breaking company security policies in order to get their work done, according to a new poll.

[private]The new survey of 1,347 workers, conducted by Harris Interactive and sponsored by Fiberlink, found 12% of respondents admit to knowingly violating the policies put in place by their companies’ IT departments in order to get their work done.

“We see this as a mobility wake-up call for all IT managers,” said Jim Sheward, chief executive of Fiberlink. “IT departments nationwide spend a lot of time and money on their compliance, usage, and access policies, but they only work if people follow the rules.”

The following can help ensure compliance with IT policies:

  • Have a good inventory management system in place for your mobile assets so you know where and with whom they are at all times.
  • Regularly communicate policies to users through different media—in-person meetings, email updates, and verbal reiteration.
  • Make compliance a priority—both in terms of IT spend and job performance.

In early 2008, AMR forecasted spending on governance, risk, and compliance would hit $33.5 billion in 2009. Instead, it reached $28.7 billion, or 14% less than predicted.

Spending suffered because “this stuff is often considered discretionary — a good business practice, but not essential,” said AMR analyst John Hagarty.[/private]

Leave a Reply

You must be logged in to post a comment.