|By Business Wire||
|June 26, 2014 09:07 AM EDT||
The majority of desk-based workers in the US and the UK do not believe that sharing their work-related logins represents a security risk to their employer, new research has shown. The findings, revealed in a new report from security software provider IS Decisions, also highlight a particular lack of understanding in organisations’ top levels, with an even greater majority (54%) of those in senior management failing to recognise the risk of sharing login details.
The report, titled ‘From Brutus to Snowden: a study of insider threat personas’, is based on a study of 1000 US and 1000 UK desk-based workers, delving into how perceptions, attitudes and behaviour with regards to security in the workplace differ across demographics, job roles and industries. It reveals that while the majority of people (54%) believe themselves to be considerate of the security of work-related information, many lack the education or understanding to act accordingly. This became apparent in a number of key findings, including:
- Less than a third of people (28%) would know who to report a security breach to in their organisation
- Nearly a quarter (23%) of people have shared their password with one or more of their colleagues, with a further 10% having shared theirs with a manager
- Password sharing is increasing, with 22% agreeing that they share their work logins more frequently now than they did two years ago, with those in marketing (33%), sales (30%) and IT (27%) being the most likely culprits
Age defining attitudes
The report shows a huge difference in security attitudes between younger and older generations, with those in age groups 16 to 24 and 25 to 34 being far more likely to share work logins (35% and 32% respectively) than those of over 35 (15%).
How to alter behaviour
The study also found that the strongest incentive for preventing users sharing passwords is if someone else using your login restricts your own access, cited by 29% as the most likely measure to stop them. This was found to be a particularly effective measure for those younger generations (37% of those aged 16 to 24 and 36% aged 25 to 34).
François Amigorena, CEO of IS Decisions, commented: “Insider threat does not have to be a total unknown. One of the most important steps towards tackling internal security is understanding your own users, and their attitudes and behavior, in order to know the risks and mitigate against them.
“What we’ve found as a recurring theme is lack of education, though manifesting itself wildly differently, with differences between generations, an interesting trend for what appears to be wilful flouting of policy in some regulated industries and a ‘do as I say, not as I do’ attitude from many in senior management. This breadth of different attitudes highlights the need for a tailored approach to tackling internal security, that addresses everyone in an organisation, from top to bottom.”
About IS Decisions
IS Decisions makes it easy to safeguard and secure your Microsoft Windows and Active Directory infrastructure. With solutions for user access control, file auditing, server and desktop reporting, and remote installations, IS Decisions combines the powerful security today’s business world mandates with the innovative simplicity the modern user expects. Over 3,000 customers around the world rely on IS Decisions to prevent security breaches; ensure compliance with major regulations, such as SOX, FISMA and HIPAA; quickly respond to IT emergencies; and gain time and cost-savings for IT.
IS Decisions is a Microsoft Silver Partner based in Biarritz, France. Customers include American Express, BAE Systems, BMW, Computer Sciences Corporation, FBI, Frito-Lay, GlaxoSmithKline, IBM, Lockheed Martin, Mitsubishi, Oxford University, South Wales Police, TimeWarner, United Nations Organization, US Department of Justice, US Department of Veterans Affairs and US Navy Marine Corps.
SYS-CON Events announced today that Secure Infrastructure & Services will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY, and the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Secure Infrastructure & Services (SIAS) is a managed services provider of cloud computing solutions for the IBM Power Systems market. The company...
May. 3, 2015 03:00 PM EDT Reads: 924
Enterprise IoT is an exciting and chaotic space with a lot of potential to transform how the enterprise resources are managed. In his session at @ThingsExpo, Hari Srinivasan, Sr Product Manager at Cisco, will describe the challenges in enabling mass adoption of IoT, and share perspectives and insights on architectures/standards/protocols that are necessary to build a healthy ecosystem and lay the foundation to for a wide variety of exciting IoT use cases in the years to come.
May. 3, 2015 03:00 PM EDT Reads: 1,115
SYS-CON Events announced today that CenturyLink, Inc., a leader in the network services market, has been named “Platinum Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. CenturyLink is the third largest telecommunications company in the United States and is recognized as a leader in the network services market by technology industry analyst firms. The company is a global leader in cloud infrastructure and ...
May. 3, 2015 02:30 PM EDT Reads: 1,018
Docker is becoming very popular--we are seeing every major private and public cloud vendor racing to adopt it. It promises portability and interoperability, and is quickly becoming the currency of the Cloud. In his session at DevOps Summit, Bart Copeland, CEO of ActiveState, discussed why Docker is so important to the future of the cloud, but will also take a step back and show that Docker is actually only one piece of the puzzle. Copeland will outline the bigger picture of where Docker fits a...
May. 3, 2015 02:15 PM EDT Reads: 5,103
SYS-CON Events announced today the DevOps Foundation Certification Course, being held June ?, 2015, in conjunction with DevOps Summit and 16th Cloud Expo at the Javits Center in New York City, NY. This sixteen (16) hour course provides an introduction to DevOps – the cultural and professional movement that stresses communication, collaboration, integration and automation in order to improve the flow of work between software developers and IT operations professionals. Improved workflows will res...
May. 3, 2015 12:30 PM EDT Reads: 3,193
As cloud gives an opportunity to businesses to buy services externally – how is cloud impacting your customers? In his General Session at 15th Cloud Expo, Fabio Gori, Director of Worldwide Cloud Marketing at Cisco, provided answers to big questions: Do you see hybrid cloud as where the world is going? What benefits does it bring? And how does Cisco connect all of these clouds? He also discussed Intercloud and Cisco’s investment on it.
May. 3, 2015 12:00 PM EDT Reads: 4,966
SYS-CON Events announced today that B2Cloud, a provider of enterprise resource planning software, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. B2cloud develops the software you need. They have the ideal tools to help you work with your clients. B2Cloud’s main solutions include AGIS – ERP, CLOHC, AGIS – Invoice, and IZUM
May. 3, 2015 12:00 PM EDT Reads: 4,334
Containers and microservices have become topics of intense interest throughout the cloud developer and enterprise IT communities. Accordingly, attendees at the upcoming 16th Cloud Expo at the Javits Center in New York June 9-11 will find fresh new content in a new track called PaaS | Containers & Microservices Containers are not being considered for the first time by the cloud community, but a current era of re-consideration has pushed them to the top of the cloud agenda. With the launch ...
May. 3, 2015 12:00 PM EDT Reads: 3,673
A new definition of Big Data & the practical applications of the defined components & associated technical architecture models This presentation introduces a new definition of Big Data, along with the practical applications of the defined components and associated technical architecture models. In his session at Big Data Expo, Tony Shan will start with looking into the concept of Big Data and tracing back the first definition by Doug Laney, and then he will dive deep into the description of 3V...
May. 3, 2015 12:00 PM EDT Reads: 918
SYS-CON Events announced today that MangoApps will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY., and the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. MangoApps provides private all-in-one social intranets allowing workers to securely collaborate from anywhere in the world and from any device. Social, mobile, and eas...
May. 3, 2015 11:00 AM EDT Reads: 4,260
There is no doubt that Big Data is here and getting bigger every day. Building a Big Data infrastructure today is no easy task. There are an enormous number of choices for database engines and technologies. To make things even more challenging, requirements are getting more sophisticated, and the standard paradigm of supporting historical analytics queries is often just one facet of what is needed. As Big Data growth continues, organizations are demanding real-time access to data, allowing immed...
May. 3, 2015 11:00 AM EDT Reads: 5,504
The world's leading Cloud event, Cloud Expo has launched Microservices Journal on the SYS-CON.com portal, featuring over 19,000 original articles, news stories, features, and blog entries. DevOps Journal is focused on this critical enterprise IT topic in the world of cloud computing. Microservices Journal offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. Follow new article posts on T...
May. 3, 2015 11:00 AM EDT Reads: 2,767
WebRTC defines no default signaling protocol, causing fragmentation between WebRTC silos. SIP and XMPP provide possibilities, but come with considerable complexity and are not designed for use in a web environment. In his session at @ThingsExpo, Matthew Hodgson, technical co-founder of the Matrix.org, discussed how Matrix is a new non-profit Open Source Project that defines both a new HTTP-based standard for VoIP & IM signaling and provides reference implementations.
May. 3, 2015 10:45 AM EDT Reads: 4,168
The security devil is always in the details of the attack: the ones you've endured, the ones you prepare yourself to fend off, and the ones that, you fear, will catch you completely unaware and defenseless. The Internet of Things (IoT) is nothing if not an endless proliferation of details. It's the vision of a world in which continuous Internet connectivity and addressability is embedded into a growing range of human artifacts, into the natural world, and even into our smartphones, appliances, a...
May. 3, 2015 10:30 AM EDT Reads: 5,180
There are 182 billion emails sent every day, generating a lot of data about how recipients and ISPs respond. Many marketers take a more-is-better approach to stats, preferring to have the ability to slice and dice their email lists based numerous arbitrary stats. However, fundamentally what really matters is whether or not sending an email to a particular recipient will generate value. Data Scientists can design high-level insights such as engagement prediction models and content clusters that a...
May. 3, 2015 10:15 AM EDT Reads: 4,250