One of the inescapable realities of enterprise cyber-security is that a huge gulf exists between what companies should do to protect their IT systems and data and what actually takes place. A recent research report released by Absolute Software, “IT Confidential: The State of Security Confidence,” illustrates the extent of the problem. The endpoint security and data risk management firm polled more than 500 U.S. employees who work in an IT or information security role and asked them about their security practices. The study found that, among other things, a shockingly high percentage of IT professionals admitted that they did not follow the same security protocols that they enforce on other employees. Many said they also intentionally circumvent key security policies. Consequently, many organizations—while placing a premium on security—expose themselves to significant risks.
More of the Baseline article from Samuel Greengard