Security management

I’ve just read a fine article from SecurityPark.net. It is widely considered that most security breaches result from human errors rather than technology malfunction. What’s more, the recent surveys signify that employers typically allow diverse online activities in the workplace, even if they are considered abusive. “By doing so, they are not only impacting their network performance but are compromising the productivity of employees whilst putting themselves at legal risk.” In fact, corporate senior management proves to be unprepared to take responsibility for Internet threats and more specifically the growing menace now facing us all that is spyware. Such activities as instant messaging, using Web-based email, recreational network surfing, downloading free software, personal online banking, storing personal files, sharing free music/video files, playing online games, running CD-Rom/DVD media or the use of USB flash drives on work PCs, are usually associated with high risks to information and privacy security.

A large number of companies are doing nothing to govern, manage and protect their networks from spyware and an even higher number are only going half way to combating the problem. Time and time again we have seen that policies alone – although essential from a legal perspective – are not enough to protect against a breach of company rules.

Security management should consider such issues as identifying, locating and finally securing confidential information and files. Above all, to make the security strategy work, management must ensure that employees realize their responsibility for providing secure information environment.

Leave a Reply