Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Policy Management Can Overcome Training Deficiency

Cryptzone : 23 April, 2012  (Technical Article)
Poor IT Security awareness in large companies should not necessarily mean large training investments if good policy management software is in place
Policy Management Can Overcome Training Deficiency
Commenting on research just released, which claims to show that 54 per cent of small businesses – and 38 per cent of their larger peers – do not have a security awareness programme in place, Cryptzone says this is a common failing in many organisations.

The problem, says Dominic Saunders, Senior Vice President of the NETconsent Business Unit within the European IT threat mitigation specialist, is that many IT security managers – perhaps understandably – put too much faith in the understanding of technology amongst staff in their organisation.

“This is something that psychologists call `empathic accuracy’ and refers to how accurately one person can infer the thoughts and feelings of another person. It’s very common in most business disciplines and simply means that - for example - a member of the financial services team will presume that their colleague in sales fully understands the nuances of basic accountancy, when in fact this usually isn’t the case,” he said.

“In the case of IT security, empathic accuracy becomes a potentially dangerous presumption that needs supporting technology to help enforce positive levels of security across the entire organisation. And this technology, we have found, comes in the form of good policy management software,” he added.

The Cryptzone VP went on to say that NETconsent Compliance Suite  provides our clients with a policy management solution that compliments the more traditional IT security technologies to deliver a better overall security solution.

As the PwC/Infosecurity Show research shows, he says, because only 39 per cent of large organisations encrypt their downloaded data, 47 per cent have ended up losing or leaking confidential information held on mobile devices.

With effective security policy management and user awareness programs in place, staff are much more likely to adhere to the rules and therefore breaches become less likely.

As the PwC/Infosecurity Show research notes, he explained, breaches often occur due to ignorance rather than malice, meaning that staff need to better understand security policies in order to put them into practice.

The problem of security policy failures, says Saunders, has been made worse by the arrival of the BYOD (bring-your-own-device) trend in the workplace - and because of this, he recommends that the industry needs to be looking at how its can effectively deliver security policies to those devices.

“I think that is now essential that professionals update their firm’s security policies on a more regular basis, as technologies, working practices and what data staff are allowed to access changes so quickly over time,” he noted.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo