If you are part of a security team that spends time carefully piecing together and reviewing corporate IT security policies, this may hurt your feelings: According to a new survey jointly commissioned by Xerox and McAfee, more than half of workers don’t always follow or are unaware of their company’s security policies.
But those facts shouldn’t come as much of a surprise. This isn’t the first survey that shows employees will go through whatever steps they can to access the Internet at any cost, visit the sites they want, copy data they feel they are entitled to, and access information that may not necessarily be relevant to their job function.
The survey numbers show that more than half (54 percent) of employees don’t always follow their company’s IT security policies, or aren’t even aware of the policies (21 percent).
Are your corporate secrets walking out the door? According to the survey, 39 percent of employees who copy, scan or print confidential information at work worry at least sometimes whether the information on a networked device will remain secure.
As just about any survey commissioned by an IT Security vendor has a purpose, McAfee and Xerox released the results of the study in conjunction with news that the two companies are teaming up to design a security system to help companies protect against threats to confidential corporate data.
The companies said that by integrating embedded McAfee software into Xerox technology, they plan to use a whitelisting method that allows only approved files to run, offering more protection than traditional black listing tactics, where a user has to be aware of and proactively block viruses, spyware and other malicious software.
Xerox and McAfee are improving the safety of devices on the network to protect proprietary company data – a solution they says is needed according to survey data, which also found that some companies don’t take simple steps to lessen the risk, such as making sure employees are aware of IT policies and use access codes to pick up prints and copies.
Additional survey results revealed that:
• Half (51 percent) of those employees whose workplace has a printer, copier or MFP say they’ve copied, scanned or printed confidential information at work.
• Of the 39 percent who say they are at least sometimes worried about confidential information staying secure, 86 percent say they are at least somewhat worried about personal information, 77 percent say customer data, 77 percent say employee information and 70 percent say proprietary company information.
• More than half (54 percent) say computers pose the biggest security threat to their company’s network compared to other IT devices, while only 6 percent say it is MFPs.
• Only 13 percent of employees whose workplace has a printer, copier or MFP say they are prompted to enter a password or passcode on the MFP before releasing a job they’ve printed or accessing the ability to copy.
“With more than 50,000 new security threats emerging each day, protecting sensitive company information can be intimidating for IT managers – especially when you consider that any device sitting on the network, from a PC to a fax machine, can be exposed to those threats,” said Rick Dastin, president, Enterprise Business Group, Xerox Corporation. “This partnership will work to ensure those devices are secure and company information is protected.”
This survey was conducted online within the United States by Harris Interactive from Jan. 5-9, 2012 among 2,541 adults ages 18 and older, of which 1,391 are employed full and/or part time.