Human error is the main security issue for IT directors, according to research from Clavister.
The study found 86 percent of IT directors believed that the most likely cause of an IT security issue came from their own employees.
They believe that the main reasons for this were down to staff ignoring security policies and not being made aware of or sufficiently trained on them, as well as making mistakes or committing industrial espionage.
Andreas Åsander, VP of product management at Clavister, said: “The purpose of a security policy is rather simple - to keep malicious users out of a network while monitoring potential risky users within an organisation.
“To ensure compliance, however, is no simple task. Security policy documents tend to be very long and technical, and not written in a way which has meaning or importance for the average employee.
“For security rules to be adopted, users need to understand why they are important, and what the rules mean to them personally and professionally.”
See original article on scmagazineuk.com
Employers need to educate employees on security policy
By SC Australia Staff on Nov 27, 2008 10:09AM