The consumerization of IT is one of the major factors driving next-generation business demands, especially as organizations adopt programs that allow individuals to utilize personal devices in the office. These strategies are often beneficial to companies, as they encourage more productive behavior by supporting remote working capabilities to increase employee satisfaction. Without the proper training, however, new programs can unintentionally invite more risk into the business.
A new study by Sophos found that 96 percent of responding IT professionals do not trust employees to make the right data security decisions on their own. This study highlights the need for businesses to deploy training programs that teach individuals best practices and the importance of data protection tools.
"Creating a comprehensive security policy is difficult enough without having employees accidentally subverting the protocols we have in place," Global Business Technology president Damian Barry said in response to the study. "However, taking the time to create an all-encompassing educational campaign can be too time consuming."
Sophos found that nearly half of IT professionals regularly fix security issues derived from employee negligence.
A recent report from the Ponemon Institute further demonstrated how common negligence is in the office, revealing that 59 percent of individuals commonly disregard simple security features, like passwords, when they use corporate- or personally owned devices to perform work-related tasks. As a result, more than three-quarters of decision-makers believe these gadgets increase the number of network vulnerabilities.
"Our company is seeing this as a major issue because of the number of BYOD (bring your own device) instances and the vulnerabilities that can threaten mobile computing, such as unsecured Wi-Fi access, lost or stolen devices and malware attacks on mobile operating systems," FishNet Security founder Gary Fish said.
However, vulnerabilities do not only derive from non-management employees. In fact, 26 percent of respondents actually said that senior management officials are often responsible for making the worst decisions, Sophos noted. An additional 19 percent said IT departments commonly commit the worst security offenses.
This suggests that there is a general lack of endpoint security understanding across the entire company and demonstrates the demand for education and training programs that can teach all individuals how to keep the network secure during the era of consumerization.
Security News from SimplySecurity.com by Trend Micro