IT security and control firm Sophos has revealed new research
into the types of user businesses fear most likely to expose their
networks to IT threats. The research shows that 31 percent of
companies believe remote or mobile users expose their networks to
the greatest threat, compared to 25 percent that consider guests or
external contractors the greater danger. In contrast, an additional
44 percent of companies believe standard employees are actually
more likely to expose the network.
According to Sophos, many businesses struggle to ensure that
their mobile workforce adhere to the same security policies as
their desktop users. This is because they have insufficient insight
into whether these remote machines are equipped with the required
software, system patches and up-to-date security applications.
Furthermore, Sophos experts note that guests and contractors are
often overlooked from this equation and allowed to forgo these
security checks entirely, greatly increasing the chances of
exposing the company network to attack.
Survey results
Which users exposes your company to the greatest
threat?
|
| Contractors/outsourced
labor |
|
|
| Remote and mobile
employees |
|
|
| Guests |
|
|
| Standard
employees |
|
|
Sophos online survey, 208 respondents, September
2007.
"Remote workers and guests can be a real headache for IT
administrators trying to safeguard corporate networks, particularly
when they're using different devices, different security software
and different operating systems or system patches," said Graham Cluley, senior
technology consultant at Sophos. "These users don't have malicious
intentions, but if they're allowed to logon, they can inadvertently
expose the network to a myriad of security threats. Without a
solution for standardising who and what is allowed network access,
these companies are greatly increasing the risk of leaving avenues
open for cybercriminals to exploit."
The research also highlights the large proportion of
organisations that hold concerns over their desktop-based employees
- workers that are likely to be using similar devices and
permanently connected to the network. Whether down to irresponsible
online behaviour, utilising peer-to-peer applications or instant
messaging programs, or simply because their PC isn't correctly
configured, any employee that doesn't adhere to internal security
policy could be exposing the network to threats.
"It's concerning how many companies are unaware of non-compliant
machines being used on their network, even though they may be
permanently connected," continued Cluley. "However, irrespective of
where the problem lies, the answer is the same. Smart network
access control solutions can now help organizations comprehensively
enforce their security policies, ensuring that any non-compliant
device, whoever it may belong to, is locked down and unable to
jeopardize the network."
Sophos continues to recommend computer users practise safe
computing, as well as running a consolidated
solution which can control
network access and defend against the threats of spam, hackers,
spyware and viruses.
Disclaimer: Please bear in mind that this poll is not
scientific and is provided for information purposes only. Sophos
makes no guarantees about the accuracy of the results other than
that they reflect the choices of the users who participated.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.