Saturday, March 15, 2008

7 Security Rules Employees Love to Break

Research from the Ponemon Institute finds that either companies are not setting, or employees are not following, data security procedures in several high-risk areas.

“Data Security Policies Are Not Enforced,” a survey of 893 corporate IT workers, examined the risks associated with storing and transporting sensitive information and looked at how well companies are implementing and enforcing policies to protect against this risk.

1. Copying confidential information onto a USB memory stick.
2. Accessing web-based e-mail accounts from a workplace computer.
3. Losing a portable data-bearing device.
4. Downloading personal software onto a company computer.
5. Sending workplace documents as an attachment in e-mail.
6. Disabling security and firewall settings.
7. Sharing passwords with co-workers.
(more)