A recent study by Clearswift indicates that companies aren’t doing enough to train their workers about Internet security.
The Web and email security company conducted a survey of some 2,000 office workers in the U.S. UK, Australia, Germany, and the Netherlands, and found that only 29% had received Internet policy training in the past 12 years. Half of the respondents said they’d never had a dedicated session on their company’s security policy while 38% had no security training at all (dedicated or otherwise).
The lack of training is lost on employees, according to the study: Only 27% think their company could do better at communicating its online security policy. In fact, 71% report that their company has an Internet policy and that most of their coworkers are aware of it.
“Given the speed of all the new social media threats, it seems a little lax,” Alyn Hockey, Clearswift’s director of product management, said of the lack of security training.
The study also showed that workers are applying their own rules to technology use. Forty-four percent reported storing work data on personal memory devices and 25% use personal accounts on social networks to comment about their job. Twenty percent said IT security breaches happen when workers are trying to get their jobs done more efficiently.