I came across an article by Kelly Jackson Higgins of Dark Reading yesterday that reported that “Most Employees Disobey Security Policies”. While the study used in the report was commissioned by IronKey and therefore had a leaning toward policies around removable media, there were plenty of other policy violations cited in the study.
Of the 1,000 employees polled, half said that corporate security policies are ignored by employees and management. Violations listed included turning off the firewall and other security settings on their machines, social networking, using web-based personal email on work machines, and password sharing. Higgins adds that “70 percent of end users don’t think their organizations have a policy forbidding their turning off security settings (including a host firewall) on their work computers. And 21 percent say they disable those security settings, up from 17 percent two years ago.”
Allow me to add some of my own analysis:
- I think that half is low because there are likely some that did not even know there were policies.
- A telling phrase in the summary is the term “and management” – because if management ignores the rules, then it is a given that the rank and file will go along.
- I will refrain from asking why anyone would think that turning off security settings would be a good idea, because we all know that people are still the biggest X-factor when it comes to endpoint protection. I had a senior security exec at a government agency refer to such things as CLF problems – carbon-based life form.
Policies in and of themselves solve nothing. Without continuous enforcement they are doomed to failure as indicated in this report. And by continuous I mean relentlessly continuous because the enemies – ignorance and incompetence – are equally relentless.
That is where Triumfant is so well suited for enforcing policies and configurations. It continuously scans for changes on endpoint machines, and if a detected change violates a policy or configuration, it builds a remediation to set the machine back to compliance. It does this every day for every machine and continuously meets the challenge of the CLF problem because it matches the problem with equal relentlessness. If the user changes a setting, it changes it back. If the user does the same thing the next day, it sets it back. This can go on for days, but eventually the human normally relents.
At a minimum, your organization knows that it starts every day with the endpoint population in compliance with security policies. And at the end of the day, Triumfant will put back all of the slippage, returning you to the same place for the next morning. That is continuous enforcement and that is what makes policies effective.
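To make the enforcement loop described above concrete, here is an added example in Python. It is not Triumfant's code; it models the same cycle (scan an endpoint against a policy baseline, detect any setting that drifted, build a remediation that restores the policy value, verify, repeat daily) on a constructed in-memory endpoint. The policy keys, the endpoint name and the day-by-day user actions are all hypothetical.

```python
"""Added example (not Triumfant's code): a minimal continuous-enforcement loop.

Models the cycle the post describes: a policy baseline, a scan of the endpoint's
current settings, detection of anything that drifted from policy, a remediation
that sets the machine back, and a verification re-scan. The endpoint state is a
constructed dict and the policy keys are hypothetical names.
"""

from dataclasses import dataclass, field

# Hypothetical policy baseline: settings every managed endpoint must have.
POLICY = {
    "host_firewall_enabled": True,
    "antivirus_realtime_enabled": True,
    "usb_storage_allowed": False,
}


@dataclass
class Violation:
    setting: str
    expected: object
    actual: object


@dataclass
class Endpoint:
    name: str
    settings: dict
    # Audit trail of remediations so the daily report has something to show.
    log: list = field(default_factory=list)


def scan(endpoint: Endpoint, policy: dict = POLICY) -> list[Violation]:
    """Compare the endpoint's current settings against policy.
    A key missing from the endpoint counts as a violation too."""
    violations = []
    for key, expected in policy.items():
        actual = endpoint.settings.get(key)
        if actual != expected:
            violations.append(Violation(key, expected, actual))
    return violations


def build_remediation(violations: list[Violation]) -> dict:
    """Turn violations into the exact setting changes that restore compliance."""
    return {v.setting: v.expected for v in violations}


def remediate(endpoint: Endpoint, day: int, policy: dict = POLICY) -> list[Violation]:
    """One enforcement pass: scan, build remediation, apply it, re-scan to verify.
    Returns the violations found before remediation (empty means already compliant)."""
    found = scan(endpoint, policy)
    if found:
        fix = build_remediation(found)
        endpoint.settings.update(fix)
        endpoint.log.append((day, sorted(fix)))
    # Verify: after remediation the endpoint must be compliant.
    assert not scan(endpoint, policy), "remediation left the endpoint non-compliant"
    return found


def run_days(endpoint: Endpoint, user_actions: dict, days: int) -> list[int]:
    """Simulate `days` days. user_actions maps day -> settings the user changes
    during that day; enforcement runs at the end of each day.
    Returns the number of violations found on each day."""
    counts = []
    for day in range(1, days + 1):
        endpoint.settings.update(user_actions.get(day, {}))
        counts.append(len(remediate(endpoint, day)))
    return counts


def demo() -> tuple[list[int], dict]:
    # Constructed scenario: the user disables the firewall on days 1-3 and
    # enables USB storage on day 2, then gives up; enforcement never does.
    ep = Endpoint("laptop-42", dict(POLICY))
    actions = {
        1: {"host_firewall_enabled": False},
        2: {"host_firewall_enabled": False, "usb_storage_allowed": True},
        3: {"host_firewall_enabled": False},
    }
    counts = run_days(ep, actions, days=5)
    return counts, ep.settings


if __name__ == "__main__":
    counts, final = demo()
    print("violations per day:", counts)          # [1, 2, 1, 0, 0]
    print("final state compliant:", final == POLICY)
```

The re-scan inside `remediate` is the part worth copying: an enforcement agent should prove the machine is back in compliance after each fix rather than assume its own change took effect, and the per-day log is what lets an administrator see which users keep fighting the policy.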