Saturday, May 15, 2021

U.S. IT Security Tops in the Globe?

While there are some problems with IT security in the U.S., Americans in general have better security behavior to prevent data loss than other parts of the world. That’s a general finding in a new report sponsored by Cisco that asked 2,000 globally dispersed professionals about their views on behaviors that could lead to data leakage.

The study focused on behaviors of users and perceptions of IT owners and comes at a time when Vice Presidential candidate Governor Sarah Palin (R-AK) became the victim of an e-mail hack that could have led to data loss. Palin’s experience, though is not indicative of the behaviors of U.S. IT users on the whole, who are doing better than most of their counterparts around the world when it come to doing the right thing for security.

“Based on study, I agree that in general if you look through the data it appears that U.S.-based IT users have better behaviors that might contribute to less data loss issues,” Fred Kost, director of security solutions at Cisco told InternetNews.com. “And IT clearly perceives that they have better control.”

Kost added that the Cisco sponsored study did not measure whether there was a direct connection between better behaviors and actual data loss events. That said, Kost argued that better behaviors do lessen the risk.

So what are some of the better IT behaviors?

One of them is using corporate-owned assets to communicate with personal e-mail. In the U.S., 39 percent of respondents admitted to using their company owned computer for personal e-mail while in Germany the figure was 47 percent, India 58 percent and in China a whopping 61 percent.

Another bad behavior that Cisco asked about is whether users admitted to changing security settings on a company issued computer. In the U.S., only two percent of respondents admitted to changing security settings. Other countries scored significantly worse with nine percent in the UK, 10 percent in France, 20 percent in India and a staggering 42 percent in China admitting that they changed security settings.

The majority (52 percent) of users globally that changed their security settings did so to visit a Web site that they wanted to view that was not allowed by their company’s policy. At a core level, IT professionals reported that it is the un-authorized use of applications and Web sites that leads to data loss incidents.

“So the very thing that IT is putting in place to protect end users is being disabled,” Kost said. “A lot of this is about users and IT trusting each other to do the right thing.”

In the case of Governor Palin, Kost noted that her case highlights the blurring of the personal and business use of e-mail.

“If I’m using Yahoo to access my personal e-mail on a computer that I also access my corporate e-mail on my behavior on Yahoo could propagate risk to the corporate side of my computer,” Kost said.

Kost added that the social engineering risk is also something to consider as well, since the disclosure of even small bits of personal information could lead to a wider data loss issue.

“The Palin case highlights both the social engineering risk and also the use of work and personal e-mail,” Kost commented. “I can’t say if we’d had an increase in people inquiring about e-mail security directly as a result of Palin, but it defiantly highlights the risk that people may not perceive as risk.”

This article was first published on InternetNews.com.

Similar articles

Latest Articles

How IBM has Changed...

Think is IBM’s big annual conference, and again this year, it was digital. I’m noticing a sharp quality difference in shows like this where...

Database-Tuning Platform Launches and...

PITTSBURGH — A team out of Carnegie Mellon University is launching its automatic database-tuning product today with the help of $2.5 million in funding.   OtterTune,...

Top 10 Professional Services...

Professional services automation (PSA) software aims to offer service-based companies most of the software they will need to run their businesses in one package....

What is Data Aggregation?

Data aggregation is the process where raw data is gathered and presented in a summarized format for statistical analysis. The data may be gathered...