Employees breaking data security policies, and they know it
06/12/09
Employees are ignoring data security policies and engaging in activities that could put their employers’ security at serious risk, according to a new survey released by the Ponemon Institute.
The survey revealed that an alarming number of employees are knowingly breaking security policies at work, including copying secure data to USB drives, turning off security settings in mobile devices and sharing passwords. Each offense has a high potential for putting a company’s data security at risk.
Almost 70% of the 967 IT professionals surveyed said they knew copying confidential company data to USB sticks was against company policy, but did it anyway. To make matters worse, some employees admitted to losing USB sticks containing company data, but didn’t report the incident immediately.
A growing number of employees are also putting their company’s security at risk by engaging in social networking at work and installing unauthorized software.
About 31% of respondents said they engaged in social-networking practices from work PCs and around 53% admitted to downloading personal software on company PCs, significantly increasing the risk of infecting the network with malicious software, according to the research.
Who’s to blame?
More than half (58%) of the IT professionals surveyed blame their employers for failing to provide workers with adequate data security awareness and training. The IT professionals also said their company’s data protection policies were ineffective and there was poor communication and enforcement of existing data security policies.
As the use of mobile devices like smartphones and laptops grows, it’s going to get harder to enforce data security policies, which could lead to more data breaches. It’s going to take more than just putting a data security policy in place.
Don’t wait until a serious data breach incident hits your company before you start taking action by implementing data security policies, improving employee awareness and establishing computer security training.