A ground-breaking survey of IT managers has uncovered the main issue behind computer security and promised to solve the problem once and for all.
After speaking to more than 200 UK managers, the survey concluded that the overwhelming and costly business of security can be pinned on one definable group of individuals - end users.
The findings, by “compliance and security software company” PolicyMatter, are sure to shock CEOs out of their complacency. But even more eye-opening revelations came forth from PolicyMatter: a large number of IT managers don’t trust end users.
Yes, 40 per cent said the users of their network - ranging from sales and marketing teams to accounts or secretarial - were “IT security incidents waiting to happen”. A further staggering 21 per cent view them as a “necessary evil”. Just 32 per cent saw them as “valuable assets” and only seven per cent as “guardians of the organisation’s data”.
With such neutral choices available for selection, PolicyMatter’s results are sure to be taken seriously, even though IT managers' distrust of end users goes against conventional wisdom.
Worse than that though, users are thought to be “misusing” the company’s systems. While thankfully sparing the details, the survey points out that 64 per cent of managers said users “were prone to sometimes misusing” networks. Incredibly, 43 per cent put this behaviour down to “users believing their actions, while not in line with company policy, will not have any negative effects on the company”.
While no doubt knocked into a state of high anxiety by the deafening sound of alarm bells, the report’s authors nonetheless step back from advocating the removal of all end users to preserve a system’s security. Instead, all computer problems can be solved in one fell swoop by making all staff sign up to an AUP.
That’s right, an AUP, or acceptable use policy, will mean that all employees are given a day of education about what is and isn’t acceptable on their company’s network and then made to sign a document to reinforce that education. As PolicyMatter points out though, just doing it once is not enough. You must constantly update those policies and get the staff back in again to explain and get them to sign it again. The only acceptable alternative is to fire everyone.
As luck would have it, PolicyMatter specialises in AUPs (pronounced “gulp”) and would be able to wipe out all security problems for ever for a small fee. And if you had any doubt remaining, we are reliably informed that “PolicyMatter is already in use with private and public sector organisations in the UK”. God speed you upholders of the computer network's honour.