Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Security training needed for corporate network users.

Dns : 14 April, 2008  (Technical Article)
According to dns, companies are providing too much access to inexperienced users and thus fuelling the risk of compromising corporate data.
Latest government research suggests that organisations are giving users greater freedom on the corporate network, without first ensuring that the necessary security training is in place. Without such training, companies are potentially negating any IT security they have in place.

The research shows that while 7 out of 8 firms have information security policies in place, they are slowly loosening their grip on securing user's access to the network. Also, with 54% of companies allowing staff to access systems remotely, users who may have missed out on vital basic computing practices are leaving the back door open for cybercrime. Such risks compromise sensitive data and web applications, potentially leaving a gateway for criminal opportunist to create havoc.

In an effort to take active interest in securing the network, many firms have tried to introduce behavioural change programmes as a way of re-educating users. However, with ineffective security policies at the heart of the problem, companies must take a more definitive approach to managing their networks and user behaviour.

Natasja Bolton, head of assurance services at dns, a specialist information security consultancy in the UK, argues that staff training on best practice computing and enforcing an active security policy is essential in preventing increasingly sophisticated threats from disrupting the network:

"Responsibility rests with each organisation to implement their own security policy and ensure that they are fully protected. But, while it is commendable that many companies have taken steps to protect themselves, they can't hope to keep mitigating threats if users are not taking basic precautions when accessing the network remotely. Increasing pressure on in-house IT teams means that if staff don't have even a basic understanding of current threats, they are likely to compromise the network due to user error."

Bolton adds, "Organisations can bolster their security policies by outsourcing the implementation of information systems to a dedicated team of security experts. Users don't need in-depth knowledge of penetration testing or web application security; all they need to know is how to log on and surf safely. Managing this process 24/7 will leave companies in a better position to identify vulnerabilities and train staff to stick to acceptable user guidelines. This strategy can help firms reclaim control of user activity and help to enforce active security policies."
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo