Most IT professionals don’t trust end users with security – survey

17 Apr 2012

Nearly all IT professionals don’t trust their end users to make sound IT security decisions, a survey conducted by Sophos suggests.

The global survey of IT professionals on employee usage behaviour reveals 96pc of respondents don’t trust their end users when it comes to making good decisions about IT security.

In fact, 48pc of the survey respondents said they fix security issues caused by end-user negligence at least once a week.

In terms of who commits the worst IT security offences, 26pc of survey respondents pointed to senior management, and 19pc of respondents said IT commits the worst security offences.

The survey result, Sophos said, emphasises the impact a lack of understanding security policies and best practices – no matter what department or what level of an organisation – can have on IT infrastructure. It also highlights the need to educate employees on IT security issues and best practices.

Sophos offers IT security tips on keeping yourself, your colleagues and your business safe:

1/ Don’t be tricked. Don’t respond to emails or phone calls requesting confidential company information, including employee information, financial results or company secrets.

2/ Stay secure. Ensure your computer is running the latest approved security patches, antivirus and firewall. Always work in user mode, not administrator mode, whenever possible.

3/ Put sensitive information away. Don’t leave printouts containing private information on your desk. Lock them in a drawer or filing cabinet, or shred them.

4/ Protect your files. Always password-protect sensitive files on your computer, USB flash drive, smartphone and laptop.

5/ Don’t plug it in. Personal devices such as USB flash drives can be compromised with code waiting to launch as soon as you plug them into a computer, so check with IT before plugging in USB keys, MP3 players or smartphones.

Tina Costanza was a journalist and sub-editor at Silicon Republic