Lieberman Software Corporation has published a survey revealing that better than 80% of IT security professionals believe that corporate employees deliberately ignore the security rules and directives they issue.
The survey — conducted in February at the 2013 RSA Conference in San Francisco — examined the opinions of almost 250 IT security professionals and discovered that more than half of them think that company workers deliberately ignore IT security directives. Moreover, the surveyed IT professionals are skeptical that end-users would heed IT directives even if executive management mandated them.
The survey’s findings accompany a call from IT security professionals and vendors for improved IT security within organizations, as well as strategic guidance issued from the board level.
The dangers of ignoring IT security are evident as it unnecessarily leaves corporate data and customer information subject to compromise. Given that human error is known to be the leading cause of data breaches, organizations must institute stronger, more comprehensive cyber security training that properly instructs staff about the consequences of data breaches.
One possible solution that organizations should consider is privileged identity management (PIM). PIM solutions ensure that sensitive, privileged accounts throughout the enterprise are accessible only to authorized IT personnel with limited-time and monitored access.
PIM implementations safeguard against accidental or malicious changing of configuration settings by end users, access to systems with sensitive data or prevent other unnecessary actions.