And, would you care to guess who your weakest link is, in terms of maintaining good security? According to a recent study, those folks most often tasked with keeping things secure for the enterprise, are also actually the ones most likely to cut corners themselves.
When I saw that, I initially wanted to be stubborn and deny it was possible. But after a quick thought, I realized it was more than likely spot on.
Think about it. When the company puts a process in place, say, for securing a server, or accessing things remotely, 99 percent of people will adhere to the policy all the time. But, that one percent who don’t? Who are they? They would most often be your IT staff. It’s the do as I say, not as I do mentality. But if they have the ability to give themselves access to things that don’t require them to use the RSA tokens, or are much more convenient than the average user has to contend with, they tend to do just that.
So, when you think about your annual security audits, and training sessions, don’t go easy on your IT staff. If anything, considering what they have access to and what they are responsible for, you should be that much harder on them. Based on the survey, I do believe you will agree with that approach.