Increase IT Security without Slowing Down Your Employees
Are IT security policies a help or a hindrance? Ask the folks in IT, the ones tasked with keeping data secure and who know how easily lax policies can be exploited, and the answer is a massive help. Ask that same question to end users, however, and you’re liable to get the opposite response. Often, security policies can be complex, cumbersome and savvy users will spend time circumventing them.
That’s the indication according to the Context Aware Security study by Dell and Dimensional Research. The study polled business users and IT pros from across three countries to determine the impact of security policies on employee productivity among other topics.
The study asked respondents how often their employers’ security measures negatively impacted their productivity. Their response? An overwhelming 91% said that, at some point, their organization’s security policies have slowed productivity. Upon closer inspection, those numbers look like this:
- 11% said security policies always impact their productivity
- 23% said they frequently impact productivity
- 38% said they occasionally impact productivity
- 20% said they rarely have any impact
- 9% said they have no impact whatsoever
Curious as to where this situation is trending? Survey participants were also asked to describe the impact of changes that have been made in their corporate security environment over the past 18 months. They said:
- Security has a greater impact on my day-to-day work – 53%
- There has been no change – 36%
- Security is less impactful on my day-to-day work – 11%
One area where IT and the business side are in total agreement is when it comes to IT’s priorities. The study asked participants – both from IT and from other departments – how much weight IT places on end user convenience in its security philosophy.
- On the business side: 87% said IT prioritizes high corporate security standards over employee convenience compared to just 13% who said IT prioritizes employee convenience over corporate security standards
- On the IT side: 86% said they prioritize high corporate security standards over employee convenience compared to 14% who said employee convenience is a higher priority than corporate security standards
According to those figures, when push comes to shove, user convenience is going to be sacrificed in favor of a more secure environment. This makes sense considering the monetary and PR costs associated with data breaches and other security lapses. However, this mindset could also be opening up IT to additional security risks.
A secure yet flexible solution for IT
In the Dell/Dimensional study, almost seven in ten security pros (69%) named “employees finding workarounds to avoid IT-imposed security measures” as a risk, good for the top spot on their list of concerns. Trailing not far behind it were “remote workers with access to corporate data” and “outsiders pretending to be legitimate end users.”
That brings us to another point that IT knows but which end users may not: they, meaning end users, are often an organization’s biggest IT security liability. This might be due to a malicious insider setting out to purposefully do some damage to his or her employer. It may also be someone skipping a pain-in-the-neck security check or inadvertently doing something else that gives attackers an easy way in. Either way, sensitive data could fall into the wrong hands, resulting in a black eye for the company and a black eye for IT.
IT security shouldn’t have to come down to a choice between keeping data safe or frustrating employees with tough-to-follow-or-use tools and processes. Arraya Solutions’ Microsoft team has the depth of knowledge and experience to help organizations find solutions which offer both security and ease of access. One such tool is Microsoft’s Enterprise Mobility Suite (EMS). EMS allows employees the mobility and flexibility they crave, while giving IT the hardened security tools needed to keep corporate data safe.
One feature of EMS is Advanced Threat Analytics, which monitors employee behavior patterns, authentication and known attack patterns in search of signs of an attack. It collects this information in the background, making it a significantly less cumbersome tool as far as employees are concerned. Plus, tracking behavior can help weed out concerns such as employee workarounds and potentially even outsiders posing as employees.
As for that issue of remote employees and access, EMS provides hardened content security. Even though employees are able to gain access to data from wherever and whenever they need to, it’s up to IT just what they can do with it. IT can set rules to keep sensitive documents from being forwarded, printed out, copy-and-pasted, etc. Once again, both sides get what they need.
Ready to learn more about EMS from Microsoft and how it strikes a balance between IT peace of mind and employee usability? Visit us at www.arrayasolutions.com/contact-us/ to start the conversation with one of our Account Executives today. Or, reach out to us on Twitter, @ArrayaSolutions. While you’re there, click “Follow” to stay in the loop with all of our latest company news, insights and special offers.