I’m always surprised (for some reason) when I wander into a new corporate environment. Walking from the front door to the conference room of the day I invariably pass workstations with Facebook, MySpace or something equally inane gracing the screen. To say nothing of folks who install P2P apps on their corporate systems.
Where’d their brains go? It’s not like they don’t get the riot act read to them when they start a new job. For that matter most environments provide regular “security awareness” training. Still it continues.
CIO has an interesting article on the enduring disregard that white collar folks have for privacy.
The telephone survey of 1000 “white-collar†employees conducted by the London-based IT security association found 65 percent of respondents are not very concerned or not at all worried about their privacy on work computers, while 63 percent were not worried about the security of information stored on their computers.
Peer-to-peer file-sharing programs were regularly used at work by 7 percent of respondents, and at least once by 15 percent. Up to 35 percent of respondents admitted violating corporate IT policy, however the survey did not reveal the details of the breaches.
How can we as security folks bridge the gap to help educate folks in a meaningful manner?
I’m going to take this box of chocolate bars and go for a walk.
🙂