On days like today the meaning of security suddenly becomes more palpable. The events in Boston serve to remind us that there are other considerations in our busy lives besides convenience.
That, however, has been the dominant motivating force driving our approach to technology and its uses. We do not want to be bothered by the time-consuming precautions required to assure that our data, our workplaces and our lives are safe. In the US since 2001 and the UK since 2007 we have been safe, at least from what is perhaps unrealistically called 'foreign' terror. But we may yet find that the perpetrators of this latest outrage were not bearded, turban-wearing tribesmen, but some domestic extremist upset about the specter of gun control, abortion or taxes. The point is that security is inconvenient for a reason.
We are all about synching our various devices: 24/7/365. Mobiles, tablets, laptops, whatever. We want instantaneous cross-platform access to information, friends, communications. And the higher we rise in an organization, as the following article explains, the more insistent we are that those connections are unimpeded.
But on a day like today, when all we can do is read about others' travails, it may pay to be mindful that our convenience comes with a cost. We may not be able to do anything about the victims in Boston or about the investigation to find their tormentors, but we can take basic steps to protect the organizations and people we care about and for whom we have some personal responsibility. JL
Bede McCarthy reports in the Financial Times:
Efforts to protect businesses from cyber attacks are being
undermined by the fact that nine out of 10 people knowingly breach their
employer’s data policies.
A survey of 165,000 employees showed 93 per cent of workers knowingly violate
policies designed to prevent data breaches, and senior executives are the worst
offenders. The CEB, a member-based advisory service formerly known as the
Corporate Executive Board, compiled the results over several years.The figures come at a time when IT departments are spending more on securing
precious data such as intellectual property and customer records. Mobile trends
such as
“bring
your own device”, where employees use their own phones, tablets and laptops
for work, make it difficult to secure information as it passes beyond the
corporate firewall and into the pockets of employees.
Despite a wave of new security products to adapt corporate IT security
measures to such trends, the biggest threat, according to CEB, remains the
loss
of a company device such as a mobile phone or tablet.
More than one-third of staff also admitted to writing down critical passwords
where they can be stolen, such as on post-it notes. Other common missteps
included copying sensitive documents on to portable drives and sharing passwords
with colleagues.
Jeremy Bergsman, senior research director at CEB, whose members include
BP and
Sprint, said people
outside traditional IT departments had a poor grasp of the risks involved, and
that correct processes were often too complicated for employees to bother.
“In order to get employees to do the right thing you need to make it as easy
as possible to do. These people are not malicious. Most people are just trying
to get their jobs done, that’s why they break policy,” he said.
The CEB also found that more than 60 per cent of businesses were likely to
have suffered a security breach without knowing it.
0 comments:
Post a Comment