Survey Shows Holes in Employee End of Security Management

When I worked for my former employer, I made a switch between departments, but for months, I continued to have access to the information from my former position. I continued to have access to certain databases and other areas long after I left the employer because I still had an active e-mail account and login. I tell this story as an example whenever someone asks me about "easy" security fixes because it seems so obvious (take away any login capabilities the moment an employee leaves the company), yet lax insider security continues to be a major problem.

 

At RSA, Quest Software released survey results that show just how big the holes are when managing the employee end of security management. A few of the findings include:

 

• 51 percent of IT professionals report they are concerned about insider threats to network security in their company's current infrastructure.
• One in 10 IT professionals admit they have accounts from previous jobs, from which they can still access systems even though they've left the organization.
• 52 percent of employees admit that they've shared their work logins and passwords with other co-workers and vice versa.
• More than a third (34 percent) of IT professionals say their companies don't realize the value of identity and access management technology as an integral part of their arsenal of security tools.

One of the issues I frequently heard at RSA was the need for better security education. We can't expect a one-day seminar on security policy or an employee booklet with security regulations to give anyone enough know-how on how to be safer and smarter about security and risk issues. I think the Quest survey shows just how important improved education is.

Sign up now and get the best business technology insights direct to your inbox.

SUBSCRIBE