Two-Thirds Of Employees Have To Bypass Data Security Controls To Do Their Jobs, Survey Finds
Ely, England (PRWEB) March 31, 2008 -- Sixty-eight percent of employees admit to bypassing their employers' information security controls in order to do their jobs, according to new research from IT Governance Limited (http://www.itgovernance.co.uk/). This finding suggests that, even in some of the most sophisticated and security-conscious organisations, managers are failing to understand the correct balance between the confidentiality and availability of information. By implementing the wrong policies and procedures, they are potentially putting their organisations at risk and may be undermining the legitimacy of information security in employees' eyes.
IT Governance Limited is the one-stop shop for books, tools, training and consultancy on Governance, Risk and Compliance. In February 2008, it polled 130 technology and compliance professionals on issues concerning the UK Data Protection Act ('DPA'). The respondents included some of the best informed professionals in this area, as evidenced by the high proportion of organisations with independently certified data security measures. The full findings of this survey will be published next month in 'Data Breaches: Trends, Costs and Best Practices' (http://www.itgovernance.co.uk/products/1615), the first of IT Governance's new series of Best Practice Reports (http://www.itgovernance.co.uk/best-practice-reports.aspx).
The research found that most organisations appeared aware of their responsibilities under the DPA, with over 80 percent having a data controller or someone responsible for maintaining privacy. Eighty-two percent of organisations had clear policies and procedures for protecting personal data, including documented procedures (68 percent of organisations), formal procedures (57 percent) and informal procedures (24 percent). Twenty-one percent had policies and procedures certified to best practice standards, such as ISO27001 (http://www.itgovernance.co.uk/iso27001.aspx), indicating that respondents represented organisations that are particularly well managed in the field of information security. Nevertheless, the high incidence of employees deliberately circumventing policies and procedures indicates that many of the measures introduced by management are unduly obstructive, either in design or implementation.
Organisations also differ in the comprehensiveness of their data security regimes. While 89 percent cover access to personal data, only 56 percent govern detecting and reporting data losses, while just 39 percent extend to correcting data loss incidents.
The need for DPA compliance is clear, with 96 percent of the organisations represented holding personal information about customers, patients or other individuals. Of these, 56 percent hold payment card or other financial information; 39 percent hold sensitive personal information, such as ethnicity, religion or political affiliation; and 36 percent hold medical information. However, only 55 percent of employees handling personal data have been trained in their legal responsibilities in respect of this information.
Alan Calder, Chief Executive of IT Governance, said, "Under the Data Protection Act, it is a legal requirement for organisations to safeguard personal information, but this can only be achieved with the support of employees. By imposing ill-considered procedures, many organisations leave people little option but to break the rules if they are to do their jobs. This not only leaves businesses vulnerable to data breaches and fines, but also does lasting damage to the way employees regard infosecurity. If more organisations followed best practice standards like ISO27001, they would be doing a service to their customers, employees and themselves by making data security workable and readily adopted."
Priced at £195.00/$386.10/?253.50, Data Breaches: Trends, Costs and Best Practices will be published by IT Governance on 15 April 2008 and can be pre-ordered from http://www.itgovernance.co.uk/products/1615 at a specially discounted price.
NOTES TO EDITORS
IT Governance Ltd is the one-stop shop for books, tools, training and consultancy for Governance, Risk Management and Compliance. It is a leading authority on data security and IT governance for business and the public sector. IT Governance is 'non-geek', approaching IT issues from a non-technology background and talking to management in its own language. Its customer base spans Europe, the Americas, the Middle East and Asia. More information is available at www.itgovernance.co.uk.
Alan Calder is an international authority on information security management. He led the world's first successful implementation of BS7799, the information security management standard upon which ISO27001 is based, and wrote the definitive compliance guide for this standard, 'IT Governance: A Manager's Guide to Data Security and BS7799/ISO17799'. The 3rd edition of this book is the basis for the UK Open University's postgraduate course on Information Security. He is a consultant to companies including Cisco. He regularly blogs on IT security issues at http://alancalder.blogspot.com/.
# # #
Related Articles:
How To Write A Resume, Avoid These Resume Mistakes
HOW TO WRITE A RESUME-MISTAKE #1NEVER USE THE WRONG PAPER!
What kind of paper should you choose when typing your resume? The color of paper you will want to use will be white or ivory. You will also want to type your resume on a heavier paper, such as a 20 lb.
Computer Consultants: The Benefits Of Self-Employment
Working as computer consultants for small businesses can be very financially rewarding and very gratifying. In this article you'll learn about some of the benefits you'll realize as computer consultants.
AspireHR?s TalentScout Resume Parsing Achieves SAP® Certified Integration Status
AspireHR, an SAP® services partner and a leading implementer of the SAP E-Recruiting application, announced today that its TalentScout Resume Parsing 6.0 has achieved SAP Certified Integration status for use with the SAP E-Recruiting Resume Parsing 603 application.
Employment Lawsuits Hit a New Low
When the EEOC sued Ralph Loren because one of their photo shoots needed all blondes in it and denied a brunette an audition, one could conclude that political correctness and employment lawsuits hit an all time low. Swim suit models who were dark haired complained that they did not get the part? Die your hair for the week.
Tips For Successful Job Hunting: How To Get A Job Without A Resume
I am in my mid-thirties, and, as you can imagine, I have changed and looked for jobs many times in my life. No matter how successful was in my job hunting research, I realized that there are certain ground "rules" that need to be respected; otherwise, we will not get what we want from our careers.
NAS, Taleo Partner to Boost Employment Brand/Career Site Development Services
NAS Recruitment Communications, an industry leader and innovator in employment branding, interactive marketing and career site development, announced today the launch of a strategic partnership with Taleo Corporation, the leading provider of on-demand talent management solutions.
z/Journal Launches Mainframe Jobs Website - Post Jobs for only $99
Employers can now offer mainframe IT jobs for only $99 for 60-days directly to over 150,000 readers and visitors of the largest independent publication serving mainframe IT professionals.
Resume? Or Resume NOT? With Screening Software Becoming More Prevalent, Your Cover Letter Is Key To Getting Job Interviews
Don?t forget to appeal to the human reader, suggests WallStJobs.com as "robo-resume-readers" make the first cuts.
MatchHire Streamlines Applicant Tracking with Resume Parser
Avidweb Technologies Inc., the foremost online recruitment company, introduced its much anticipated Resume Parsing Solution to their clients. The resume parser built into MatchHire's Recruiting Solution allows recruiters and HR departments to accurately and automatically capture candidates contact details and other information directly into their database.
Diversify Your Search for Finance Graduate Jobs
The act of getting a finance degree in an accredited university is not enough to land a job. The financial sector is highly competitive based on a number of factors not the least of which is the importance of individuals capable of dealing with high stress jobs. A finance degree does not carry the same weight as it once did based on the number of finance professionals looking for work worldwide. Your knowledge of available employers of finance graduates will give you a leg up on the competition.
10 Resume writing tips to land you your dream job
Imagine yourself sitting in an employer's desk with hundreds of resumes falling in on your desk against a vacancy declared by you in your company. Number of vacancy - 1, and number of applicants - innumerable. As an employer it is your responsibility to select the most deserving, suitable and competent candidate. So it is up to the candidate to snatch the employer's attention out of those hundreds of resume application. As such, writing a resume is all about knowing what employers specifically look for in an applicant's application. So, never make the mistake of underestimating the importance of a "good and eye-catching resume".
Open Media Graduate Jobs In The UK
Graduates in the United Kingdom who are interested in using their communications skills and journalistic acumen to full effect are entering a dynamic job market. Media graduate jobs in the UK have become plentiful with the rise of Internet-based media and alternative sources of information to cable news or print publications. As such, a graduate who has a traditional view of what media jobs are available to them needs to think outside of the box. The job hunt for graduate jobs with media companies is less about building up clips and meeting with newspaper editors as it is developing a portfolio of design and writing material to dazzle online editors.
Working A Home Business: The Most Convenient Employment Oppurtunity On Earth
Working a home business is becoming a widespread phenomenon in the world of employment, and for plenty of good reasons. Among these reasons, of which there are many, are a multitude of new career opportunities, flexibility in scheduling, low or non-existent overhead, no coworkers or (in most cases) employer, around-the-clock business and instantaneous networking and interpersonal contacts, quick and easy research and cross referencing, and, most importantly from a home business standpoint, a global economy for every home business owner situated along the cyber highway. Because of these many convinces, there is no wonder why so many people are getting in on the Internet game, including corporate and big business.
Employment Legislation: Proposed Employment Law Changes - To Take Effect 1 October 2005
Proposed changes to the Sex Discrimination Act ("SDA") 1975 and the Equal Pay Act ("EPA") 1970 under the amended Equal Treatment Directive (2002/73/EC) will be implemented on 1 October 2005. To ensure that your company's policies comply with these proposed reforms please contact us at enquiries@rtcoopers.
OnlineSummerJobs.Com Launches Free Online Job Site To Help Students, Teens, Teachers, And Seasonal Workers Find Summer Employment
Just in time for the summer job search season, OnlineSummerJobs.Com, today, announces the launch of its new website which focuses on helping job seekers find student summer jobs, summer internships, summer camp jobs, teen jobs and more.