MEASURING TRUST IN PRIVACY AND SECURITY
Ponemon Institute
Sign Up for the Ponemon News Feed for special reports and important updates regarding privacy and security

News & Updates

Reshaping Financial Services IT: CIO Best Practices for the Shift Toward Mobile Speakers: Dr. Larry Ponemon, Chairman, Ponemon Institute Ojas Rege, VP Strategy, MobileIron Session Times: April 1st 8:00 AM PDT (San Francisco) / 4:00 PM BST (London) April 2nd 9:00 AM HKT (Hong Kong) / 6:00 PM PDT (San Francisco)    Widespread consumer adoption of mobile technology has set in motion a fundamental shift within financial services organizations. CIOs are learning to leverage the power of mobility to deliver a strategic business advantage by helping their firms become more efficient and flexible. For the first time, MobileIron will share data from a Ponemon Institute survey of 400 financial services organizations about the future of BlackBerry, BYOD, apps, and governance. Join MobileIron VP of Strategy Ojas Rege and Ponemon Institute Chairman and Founder Dr. Larry Ponemon for a practical and “eyes-wide-open” look at the issues CIOs and CISOs in financial services will need to address as mobile becomes a fundamental part of their computing environment. Key topics include: • Financial services mobile adoption forecasts • Trends in migration to multi-OS environments • Dependencies for successful mobile strategy deployment • Implications of user experience and security Register Now This session will be recorded and available for replay.

 


Blog Archives for July 2009
More Employees Ignoring Data Security Policies
June 10, 2009, 4:38 pm

Does it surprise you to learn that, according to our recent study, Trends in Insider Compliance with Data Security Policies: Employees Evade and Ignore Security, employee compliance with corporate data security policies is on the wane?

Why do you think this is?  I’m seeing a confluence of conditions that appear to be contributing to this challenge to data integrity: the development of new, mobile technologies that empower employees to do more while away from the office; a failure of organizations to keep pace with the ways technology is changing the dynamics of data security; and current economic conditions that are putting increased pressure on individuals to be more productive with fewer resources.

According to our study, made possible through a sponsorship by secure USB flash drive developer IronKey, employees routinely engage in activities that put sensitive data at risk.  They are downloading data onto unsecured mobile devices (61%), sharing passwords (47%), losing data-bearing devices (43%), and turning off their mobile devices’ security tools (21%).  And, reflective of the blurring of the lines between personal and professional lives, they are using web-based personal email in the office (52%), downloading Internet software onto an employer’s devices (53%), and engaging in online social networking while in the workplace (31%).

With the exception of social networking, which we measured for the first time this year, each of these risky behaviors represents an increase compared to last year's results.

Interestingly, of those surveyed, 58% said their employer failed to provide adequate data security awareness and training, and 57% said their employer’s data protection policies were ineffective. According to 43%, there was poor communication and enforcement of data security policies.

The Ponemon Institute believes these results show overall lack of urgency by companies on the need to address data security.  Unfortunately, our studies have also shown that it often takes a data breach incident before an organization will finally get their wake-up call and take data security seriously.

Categories
Security (23)
Privacy (22)
global security (1)
Providers (1)