Advisory firm Forrester Research questioned 2,383 IT workers from five countries for a report called Understand The State Of Data Security And Privacy: 2012 To 2013, but only 56 per cent of those surveyed in North America and Europe said that they were aware of their employers' current data security policies, according to a …
"Security Awareness Training"
We've heard of it. It will never happen of course, because there's a quantifiable cost associated with it, whereas the cost of a security breach is much less tangible, and is someone else's problem, and anyway is covered in our 100-page security manual that all new entrants were instructed to read in their spare moments.
If your IT workers aren't aware of your security policy, what's the chance that Joe Schmo in the call centre has read it and knows enough not to reveal his password to the person claiming to be calling from the helpdesk?
Security is a voyage not a destination, as the old saying goes. if the company culture is one of security being respected and not just a tickbox, you're good. If managers can come and lean on support people to constantly bend the rules and get away with it, you're in trouble.
Back in the day when I worked for a two-letter oil company, security would cruise the offices and take unsecured laptops. Cue loads of grovelling to security to get your machine returned. I believe repeat offenders were given an IBM Aptiva with 64Mb RAM and Windows 95.
It sunk in. I lock the desktop on my PC at home to this day. The wife thinks I'm hiding something...
- Product round-up Six of the best gaming keyboard and mouse combos
- Opinion So, Apple won't sell cheap kit? Prepare the iOS garden wall WRECKING BALL
- LinuxCon 2014 GitHub.io killed the distro star: Why are people so bored with the top Linux makers?
- Opinion IT blokes: would you say that LEWD comment to a man? Then don't say it to a woman
- 6 Obvious Reasons Why Facebook Will Ban This Article (Thank God)