Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

More employees neglecting data security, survey says

Employees copy secure data to USB sticks, share passwords and increase the risk of bringing malware to PCs

More employees are ignoring data security policies and engaging in activities that could put a company at risk, according to a survey released by Ponemon Institute on Wednesday.

A large number of employees copy secure data to USB drives or turn off security settings in mobile devices like laptops, which could put a company's data at risk, according to the survey. The rate of noncompliant behavior was worse in this most recent survey compared to a similar survey conducted in 2007, Ponemon Institute said in a press release.

Around 69 percent of the 967 IT professionals surveyed said they copied confidential company data to USB sticks, even though it was against the rules. Some even lost USB sticks that store confidential corporate data, but did not report it immediately, the survey said.

The survey also took into account new technologies that could bring rogue software to computers, like social networking. Close to 31 percent of respondents engaged in social-networking practices on the Web from work PCs. Additionally, around 53 percent said they downloaded personal software on corporate PCs, which could increase the risk of bringing malware to the workplace.

Mobile technologies that let employees do more while on the road are contributing to the issue, said Larry Ponemon, chairman and founder of Ponemon Institute, in a blog entry. As the use of mobile devices grows, the inability to enforce data security policies could increase the possibility of data breaches. "I'm seeing a confluence of conditions that appear to be contributing to this challenge to data integrity," he said.

Some professionals surveyed blamed companies for poor training or ineffective data security policies. Close to 57 percent said their company's data protection policies were ineffective, and 58 percent said they were not provided with enough data-security-related training.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: data security, usb
Latest Blog Posts
Whitepapers
  • Why Encrypt? Securing Email without compromising communications.
    Encryption is a vital component of any DLP strategy. It allows businesses to exchange sensitive information without compromising on security; even if data is intercepted, encryption makes it unreadable and renders it tamper-proof. Read on.
    Learn more »
  • CSO Security Buyers Guide 2011
    Welcome to the 2011 /2012 CSO Security Buyers Guide CSO is keeping security professionals ahead of the evolving threats and challenges to their businesses. This resource for security professionals assists you in finding leading IT security vendors by their products and solutions. Happy Browsing! The 2011 CSO Buyers Guide team
    Learn more »
  • Prepare Your Enterprise for the Mobile Revolution: Boost the Bottom Line with Mobile UC
    This white paper will highlight the changes in the mobile workplace; outline the benefits of unified communications (UC) and Fixed-Mobile Convergence (FMC) for mobile workers; identify the key market trends and business challenges IT managers must pay attention to now and into the future; and offer best practices for choosing a solution that will deliver clear ROI.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments