Altered Security Settings Pose Data Leakage Problems
The results of a new global security study have revealed that corporate data is being put increasingly at risk by employees altering security settings on work devices in order to bypass IT policy so they can access unauthorized websites.
This is just one of the main findings of a study which has identified the most common data leakage mistakes among workforces around the world, based on surveys of more than 2,000 employees and information technology professionals in 10 countries.
The intention of the study, commissioned by Cisco, was to examine the security and data leakage implications of the increasing move to distributed business models and remote workforces, and the associated blurring of lines between work life and personal life.
Other employee mistakes that commonly give rise to security concerns include:
• Using unauthorized applications and websites, such as unsanctioned social media and online shopping venues.
• Accessing unauthorized parts of a network or facility.
• Using work computers on a daily basis for personal use. Activities included music downloads, shopping, banking, blogging and participating in chat groups.
• Leaving computers logged on and unlocked when they’re away from their desk. These employees also tended to leave laptops on their desks overnight, sometimes without logging off, creating potential theft incidents and access to corporate and personal data.
• Storing system logins and passwords on their computer or writing them down and leaving them on their desk, in unlocked cabinets, or pasted on their computers.
• Losing portable storage devices containing corporate data.
The dangers of this final point were graphically illustrated by another recent survey which that found that in the last six months alone, passengers have forgotten a staggering 55,843 mobile phones and 6,193 other handheld devices such as laptops, iPods and memory sticks whilst traveling in London taxis!