The 4 Security Rules Employees Love to Break
Most CSOs and security managers know employees are taking risks everyday that could set their company up for a breach. What some of the biggest offenses? And what can be done to nip that risky behavior in the bud? John Stewart, CSO of Cisco, offers his take on 4 rules people love to break and offers advice on getting them to stop.
Allowing "tailgating" and unsupervised roaming According to a recent Cisco survey, more than one in five German employees allow non-employees to roam around offices unsupervised. The study average was 13 percent. And 18 percent have allowed unknown individuals to tailgate behind employees into corporate facilities. The reason, according to Stewart, is that confronting people who may be gaining access illegally is difficult for people.
"Globally, tailgating creates an interesting human problem," said Stewart. "You are walking into building and you may have to challenge someone to prove that they have the right to be there. This is uncomfortable for a great number of people. In certain cultures it's insulting and unacceptable."
Stewart recommends creating an environment that makes it hard for people to tailgate. Consider signage that even states tailgating is not allowed.
"When there are signs posted it makes it easier for a person to ask for identification. They can say: 'The company makes me do this.' It diffuses some of the tension."
Help your user community say in a very obvious way: I don't want to have to do this but I have to do it, said Stewart.
Adding unauthorized wireless access points At Cisco, the process of dealing with unauthorized wireless access points is known as 'whack-a-mole', according to Stewart. That's because they pop up so frequently
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
security
Powered by Twitter
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
