Today's IT users say they are much more aware and cautious about IT security, but those on the front lines, battlin...
January 14, 2005
Today’s IT users say they are much more aware and cautious about IT security, but those on the front lines, battling viruses and network downtime see things a little differently.
Results of a survey conducted in November by Toronto-based Soltrus Inc., a provider of IT security and digital trust services, found that while 70% of users say they are “well aware” of their organization’s IT security issues and policies, only half of IT staff would call their users “moderately aware”.
While users asserted they are “well aware” of security risks, more than 50% admitted to opening one or more email attachments from an unknown source in the past year.
“This survey underscores the fact that users continue to be one of the weakest links in the enterprise security chain,” said Anthony Santilli, vice president of marketing for Soltrus.
“Over the past several years organizations have made great strides in establishing security policies and instituting new programs and procedures to help safeguard customer information, company data and competitive intelligence. But those policies are only as good as the users they are directed at. Users are still not realizing they are one of the greatest threats to their network.”
Soltrus’ survey also found that while almost 70% of users said they have not experienced a personal loss of productivity due to a security issue, 75% of IT staff said their organization has been impacted in the last year.
The majority of IT staff maintain they have been significantly impacted approximately once per quarter, for a period of three to five hours.
“IT staff are obviously continuing to struggle with security issues that are transparent to users,” said Santilli.
“Many users are lulled into a false sense of security by their company’s policies, firewall and anti-virus solutions, believing they are immune to attack. Any IT or network analyst can tell you this is far from reality.”
Results revealed that 80% of user respondents felt their organization was proactive with regard to IT security, where as only 60% of IT staff feels the same.
IT staff clearly are continuing to struggle to ensure adequate security coverage, said Santilli.
The Soltrus survey also found that teleworking continues to be an IT challenge. While 82% of users say they believe the same security standards apply working at home as at the office, only 44% of IT staff say their users understand and practice teleworking security standards.
“Obviously users are not practicing what they preach, as IT staff do not see an improvement in the practice of security standards,” said Santilli.
According to the Meta Group, an estimated 90% of organizations currently have users with a mobile or teleworking requirement, and this number is forecast to rise to over 95% by 2006.
Soltrus is owned by Telus Communications, the CIBC and VeriSign.