Home Editor's Blog News Special Reports Directory Events Advertise Submit Your News About Us Guides
News by Zone I News by Date I News by Category
 
Home Data Protection Policy Management Can Overcome Training Deficiency
Free Newsletter
Register for our Free Newsletters
Zones
Access Control
Alarms
Biometrics
Detection
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
Surveillance
View All
Other Carouselweb publications
 
 
 
 
 
 
 
 
News

Policy Management Can Overcome Training Deficiency

Cryptzone : 23 April, 2012  (Technical Article)
Poor IT Security awareness in large companies should not necessarily mean large training investments if good policy management software is in place
Policy Management Can Overcome Training Deficiency
Commenting on research just released, which claims to show that 54 per cent of small businesses – and 38 per cent of their larger peers – do not have a security awareness programme in place, Cryptzone says this is a common failing in many organisations.

The problem, says Dominic Saunders, Senior Vice President of the NETconsent Business Unit within the European IT threat mitigation specialist, is that many IT security managers – perhaps understandably – put too much faith in the understanding of technology amongst staff in their organisation.

“This is something that psychologists call `empathic accuracy’ and refers to how accurately one person can infer the thoughts and feelings of another person. It’s very common in most business disciplines and simply means that - for example - a member of the financial services team will presume that their colleague in sales fully understands the nuances of basic accountancy, when in fact this usually isn’t the case,” he said.

“In the case of IT security, empathic accuracy becomes a potentially dangerous presumption that needs supporting technology to help enforce positive levels of security across the entire organisation. And this technology, we have found, comes in the form of good policy management software,” he added.

The Cryptzone VP went on to say that NETconsent Compliance Suite  provides our clients with a policy management solution that compliments the more traditional IT security technologies to deliver a better overall security solution.

As the PwC/Infosecurity Show research shows, he says, because only 39 per cent of large organisations encrypt their downloaded data, 47 per cent have ended up losing or leaking confidential information held on mobile devices.

With effective security policy management and user awareness programs in place, staff are much more likely to adhere to the rules and therefore breaches become less likely.

As the PwC/Infosecurity Show research notes, he explained, breaches often occur due to ignorance rather than malice, meaning that staff need to better understand security policies in order to put them into practice.

The problem of security policy failures, says Saunders, has been made worse by the arrival of the BYOD (bring-your-own-device) trend in the workplace - and because of this, he recommends that the industry needs to be looking at how its can effectively deliver security policies to those devices.

“I think that is now essential that professionals update their firm’s security policies on a more regular basis, as technologies, working practices and what data staff are allowed to access changes so quickly over time,” he noted.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com