Employees turn blind eye to IT policy

 

Gallery

By Stuart Turton

Posted on 1 Nov 2007 at 13:08

A survey of US office workers has found that around a third will knowingly violate their company's IT policy at least once.

The survey, commissioned by IT consultancy group Information Systems Audit and Control Association (ISACA), reveals that peer-to-peer file sharing is a popular office pastime, with 15% having tried it, despite being made aware of the potential for security breaches and loss of sensitive information.

The root cause, according to the survey, is a lack of appreciation of the risks involved, with 74% of those who downloaded personal software onto a work machine failing to grasp the potential damage that can be caused by downloading spyware or malware.

The survey also revealed an apparent complacency concerning personal security in the workplace, with 63% of professionals unconcerned about their information while at work, believing it to be safe behind the company's firewalls and antivirus software.

"A single seemingly harmless activity, such as using peer-to-peer networks while at work, can breach the confidentiality and security of an entire corporate network, including all of the documents, data and internal communications that reside on that network," says John Pironti, a member of ISACA's Education Board.

"On average, at a company of 1,000 white-collar employees, up to 70 employees are likely using peer-to-peer file sharing while at work often or very often, based on the survey findings. Companies and employees should be very concerned about their personal and corporate data in light of this information."