Survey: Gap Remains Between IT Security Issues And Deployed Solutions
CDW Corp. recently released the CDW User-Proof IT Security Report, which reveals a disparity between the most common IT security headaches and businesses’ deployment of solutions that could relieve them.
Survey respondents said their most common problems stem from employees using the Internet inappropriately, using unapproved software, and circumventing security infrastructure and policies. However, the study found companies lagged in their use of tools such as Internet content filtering or network auditing and visibility systems, which would help IT management spot and sometimes avoid such risky behavior by network users.
Specific findings of CDW’s User-Proof IT Security Report include:
- Inappropriate use of the Internet on company networks is the top IT security headache, but just 56 percent of companies have Internet content filtering and blocking solutions in place
- Installation and use of unauthorized software programs is a top challenge, but just 40 percent of respondents note that they employ network auditing and visibility systems
- IT professionals whose organizations employ content monitoring and filtering, SSL protection, mail gateway security and similar measures to address common headaches give their network users higher grades for overall IT security compliance
CDW surveyed IT professionals at companies with more than 100 employees, focusing exclusively on those who said their organizations have written IT security policies and procedures. The survey asked respondents to grade their IT network users as a group on their understanding of and compliance with their IT security policies, and then asked in-depth questions regarding what security measures their companies employ and how IT security solutions could be improved to increase user compliance.
Responding IT professionals said their IT security systems are easy to use, but also reported much room for improvement in end-user understanding and compliance with security policies and procedures.
Seventy-seven percent of IT professionals said that their IT security systems are very easy or somewhat easy to use, but just 23 percent gave their users an ‘A’ on compliance with IT security policies, procedures and required practices. Asked to assess available security solutions, IT professionals wanted vendors to provide still more user-friendly and easier-to-manage solutions that require less IT staff intervention.
“Clearly, IT departments -- and IT security managers in particular -- are some of the busiest people in the business world today, and they spend so much time responding to client department needs that they don’t always have time or resources to address security priorities,” said Grimsley. “Outside resources appear to play an increasingly important role in IT security, and having a trusted advisor to lean on for information and counsel may help IT professionals make better decisions more quickly.”
CDW’s national online survey, taken during March 2008, collected responses from 304 IT professionals who said their companies have written IT security policies and procedures. Thirty-nine percent of the participants were from companies with 101-500 employees, and 61 percent were from companies with more than 500 employees. The margin of error for the study is ±5.6 percent at a 95 percent confidence level.
For the complete survey, visit http://www.cdw.com/userproofsecurity.