Majority of IT professionals don't trust end users
Survey shows that 96% of IT professionals think end users pose IT security threat
A new study shows that 96% of IT professionals do not trust the end users in their organisations to make sound IT security decisions.
The survey, conducted by security company Sophos, sampled IT professionals around the world, and found that around half have to fix security issues caused by end users at least once a week.
The survey also showed that 26% of respondents thought that senior management commits the worst IT security offences, while 19% thought that the IT department committed the worst offences.
The figures highlight the risks posed by end users, says Sophos, and the need to educate them on proper security procedures and practices. The company has released a free training tool for IT professionals, IT Security DOs and DON'Ts, that provides a range of different education materials that the IT department can use to educate end users.
The security kit includes a launch guide with quick tips for IT professionals to begin an educational program, IT security ‘dos' and ‘don'ts' posters and handbooks for end users with top 10 tips, reminder email templates, a one page guide to help end users create strong passwords and a PowerPoint presentation for IT professionals to use for training.
"Creating a comprehensive security policy is difficult enough without having employees accidently subverting the protocols we have in place. However, taking the time to create an all-encompassing educational campaign can be too time consuming," said Damian Barry, president, Global Business Technology. "Using the program that Sophos has developed rather than creating something from scratch will help me keep my clients informed so I can continue focusing on other tasks."
"We provide organizations with everything they need to protect their networks-from a suite of complete security solutions to educational tools," said Mark Harris, vice president, SophosLabs, Sophos. "We're excited that we have been able to transform our security expertise into a range educational tools that will both inform and entertain."