Security Pros Lax At Protecting Their Own Computers
A survey of security and IT managers at the recent RSA conference shows that one-third don't secure their home files or communications.
Who has the most secure telecommuting and home computer setups? Security professionals would seem like a safe bet.
Good guess, but ... No.
PKware, a security company that focuses on data transfer and storage, surveyed security professionals at last month's RSA Security Conference and got some surprising results. The survey showed that while 86% of more than 100 respondents were very concerned or extremely concerned about their confidential personal information falling into the wrong hands, almost one-third admitted they don't use any tools to ensure that the files they send and store are protected.
When findings like this come back about general users, security managers typically say it's a lack of education. Well, not in this case. These are the professionals who are trained to safeguard corporate networks and critical information.
"We were surprised at the results of the survey, given the respondents were security and IT professionals at some of the most security-conscious organizations in the world," Tim Kennedy, president of PKware, said in a written statement. "It shows that this is not just a user education issue, but one that comes down to the classic struggle between usability and security. We have to make it as easy as possible for people to integrate data security into their everyday lives, making it a seamless part of existing business and consumer communication habits."
Kennedy also noted that the number of communications between remote workers and headquarters is on a sharp incline. Add to that the increasing number of transactions that take place between individuals and any number of service providers, including attorneys, realtors, tax advisers, and doctors, and there's a growing need to make sure those communications are private and securely stored. That will be even more true as the April 15 tax filing deadline approaches and a growing number of people file online.
"More individuals need to take the stringent security measures at their workplace and extend them to home use," said Kennedy. "Even though enterprise IT departments are constantly devising approaches and policies that ensure that the corporate network is both efficient and protected from online threats, these measures are not always integrated with remote use. Users must become more proactive about securing their e-mails and files and take ownership for these risks."
The need to secure home networks was highlighted last month when Cisco Systems advised its customers that 77 of its routers are vulnerable to a new form of attack called drive-by pharming. Running the routers, most of which are for home or small-business use, with the out-of-the-box password leaves users open to attack.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.