2 Of 3 Employees Routinely Violate Usage Policies - InformationWeek
IoT
IoT
Mobile // Mobile Applications
Commentary
10/25/2010
12:41 PM
Keith Ferrell
Keith Ferrell
Commentary
50%
50%

2 Of 3 Employees Routinely Violate Usage Policies

Whatever your employees need to be doing on the Web via your network, a fair percentage are doing -- or trying to do -- a lot more, according to Symantec/MessageLabs findings.

Whatever your employees need to be doing on the Web via your network, a fair percentage are doing -- or trying to do -- a lot more, according to Symantec/MessageLabs findings.Got employee Web usage and browsing policies in place? How's that working for you?

According to some Symantec/MessageLabs findings about employee browsing habits, probably not all that well.

One-third of employees, the company reported, have 10% of their browser requests blocked, while another third have far more than 10% blocked.

But that still leaves two-thirds who are trying to violate policy on a fairly regular -- and for some of them constant -- basis.

In fact, Symantec reports that 14% of employees have between 90-100% of all browser requests blocked! (Gotta wonder about those 100% blocked users -- what are they doing either a) still working for the company or b) being allowed access to a computer at all?)

One of the scariest -- and, upon reflection, least surprising -- findings was that the employees with the highest per centage of blocked requests also had the highest per centage of blocked requests that were aimed at getting them to "sites relating to 'Proxies & Translators'. This strongly suggests activity to circumvent company policy to gain access to sites."

That "strongly suggests" is an admirably subtle way of saying: "Ya THINK?"

However leniently or aggressively you handle your usage and browsing policies and the tools that support them, a deliberate attempt to bypass those policies should be viewed as a deliberate attack on your company's security, as well a policy violation, with appropriate consequences.

The good news is that a third of employees have no blocked requests on their records -- an indication that both usage polices and tools, and employee understanding of them are working... working about a third of the time, that is.

Of course, these figures apply only to companies that actually have policies and enforcement/detection tools in place. Many SMBs have neither, and can figure that risky browsing is a fact of life... except for Proxies and Translators, which they don't need because their employers are already letting them go anywhere and do anything they want, with few consequences for anything other than the company's security and, ultimately, the company itself.

The complete Symantec/MessageLabs Intelligence Report for this past September is here.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
Digital Transformation Myths & Truths
Transformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll