IT security policies being unheeded, survey shows

16 Feb 2012

Companies’ IT security policies are ineffective when it comes to protecting confidential information, seeing how 54pc of employees say they don’t always follow their company’s IT security policies, a survey commissioned by Xerox and McAfee suggests.

Another 21pc of respondents say they aren’t even aware of the policies.

What’s more, the survey reveals that some companies don’t act to lessen the risk of a security breach, such as ensuring employees are aware of IT policies and use access codes to pick up prints and copies.

Only 13pc of employees whose workplace has a printer, copier or MFP say they are prompted to enter a password or passcode on the MFP before releasing a job they’ve printed or accessing the ability to copy.

Half (51pc) of those employees whose workplace has a printer, copier or MFP say they’ve copied, scanned or printed confidential information at work.

Thirty-nine per cent of employees who copy, scan or print confidential information at work worry at least sometimes about whether the information on a networked device will remain secure. Of those, 86pc say they are at least somewhat worried about personal information, followed by customer data (77pc), employee information (77pc) and proprietary company information (70pc).

More than half (54pc) of employees say computers pose the biggest security threat to their company’s network compared to other IT devices, while only 6pc say it is MFPs.

“The threat landscape has evolved to include devices that when originally designed, where never considered a security threat,” said Tom Moore, vice-president of embedded sales, McAfee.

“Now we are seeing the need for security on devices like MFPs to protect confidential and proprietary data, which if lost or stolen, could negatively impact a company and its employees.”