|
| Are workers putting their companies at risk by
acting unsafely online? |
A survey1 carried out by Sophos, a
global leader in protecting organizations against viruses, spyware
and spam, has revealed that 79% of IT professionals believe that
employees are putting their companies at risk by failing to act
safely online. Sophos warns that despite instructions from IT
departments, many employees continue to open unsolicited emails and
attachments and download malware from websites.
With cybercrime becoming increasingly more financially
motivated, Sophos warns that these employees are jeopardizing the
bottom lines of their employers and urges organizations to deal
with this problem as soon as possible. Sophos appeals to board
level management to lead from the top and champion this cause
throughout the company.
"In most cases, it's not that people deliberately behave
recklessly online - rather, they don't know how to act responsibly,
and may not be fully aware of the potential consequences of unsafe
internet and email usage," said Graham Cluley, senior
technology consultant at Sophos. "Whether staff are downloading and
opening unsolicited attachments, or surfing the web for sordid
content not permissible at home, it's the responsibility of the
company to ensure that employees are educated about the risks, and
given the right tools to defend themselves."
Sophos lists the 'sinful seven' online activities at work as
follows:
- Downloading music and movies
- Opening email attachments or clicking on links in unsolicited
emails
- Surfing pornographic or other dubious websites
- Running "joke" programs sent by friends and colleagues
- Installing unauthorized software and web browser plug-ins
- Giving information to unknown parties via phone or email
- Using the same password on different websites
Sophos notes that the actions which lead to employees
compromising an organization's IT security are, in most cases,
deemed as serious offences. Another Sophos poll2 showed that 63% of IT professionals think that
workers who do not follow safe computing guidelines, despite being
made aware of the risks, should receive official warnings, followed
by dismissal. 10% believed the employees should be instantly
dismissed.
"These results show that IT departments are taking security
seriously," continued Cluley. "IT managers must now look to enforce
strict policies on internet and email use to ensure business
networks remain safe and secure, as well as running anti-virus and
other security software. Users, for their part, must sit up and
listen to the advice they are given by their IT teams or risk
losing their jobs."
Sophos recommends that companies combine a safe computing policy to ensure employees act
safely online, with protection at the email gateway to defend
against viruses, spyware and spam. Businesses should also secure
their desktop and servers with automatically
updated protection.
- 410 respondents. Poll conducted by Sophos between 25 August and
7 September, 2005
- 491 respondents. Poll conducted by Sophos between 28 July and 4
August, 2005
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.