The Truth Behind Security Policies: Is Everyone Pulling Their Weight?
Kathy Ossian: Chances are your organization’s security policies are being undermined
Oakland Business Review, November 27, 2008
A security policy is only as effective as the people who carry it out. According to a recent Cisco survey of employees and IT professionals, barely half properly adhere to their company’s’ security policies.
Although 77 percent of the companies surveyed have security policies in place, only 41 percent of employees comply with the rules “all of the time”, 53 percent said “most of the time” and 5 percent said “some of the time”.
So what gives? Why are so many employees ignoring security measures? According to Cisco’s research, many employees believe that the policies interfere with their work, slowing down their everyday routines. Cisco also found that neglectful communication between employees and IT workers are to blame, as is the belief that the current rules are “unfair”, thus suggesting a need for improved security policies
Whatever the reason, it’s time companies prepare accordingly. Armed with the knowledge that employees may not have your company’s policies or security interests at heart, it becomes the company’s responsibility to safeguard its most critical assets – including electronic records, contracts and intellectual property. Take the time to identify the weaknesses within your security policies now before it’s too late.