Monday, March 23, 2009

Clamping down on employee misuse of IT

Over at Computer Economics, we've published the first of two reports on insider threats, based on a special survey we ran late last year. The first report, Insider Misuse of Computing Resources, deals with the extent of the problem of employee and other insiders misusing their computer and network access.

It's not just a matter of time-wasting:
The threat of insider misuse goes beyond loss of productivity. Some forms of misuse also expose the organizations to more sinister threats. For example, surfing the web can bring users to websites that contain malicious code, opening the user’s desktop and network to infection. Participating in peer-to-peer file sharing networks can do the same. Storage of pirated music, video, or unlicensed software exposes the organization to copyright violation liabilities. There are many other examples of the threats to security that can directly result from failure to reign in insider misuse of computing resources. While many organizations are sensitive to the need to defend against information security threats originating from outside the organization, the threat posed by insiders misusing computing resources can be just as great or greater.
Our website has an extensive free executive summary. The full report is also available for sale.

No comments: