IT disaster recovery, cloud computing and information security news

Inadequate IT security policies are widespread in UK companies

A study by OneLogin has found weaknesses in the UK policies of many UK companies. The study, which surveyed more than 600 UK-based IT decision-makers, with influence over their business’s IT security, highlighted a disparity between Internet access and security policies. For example, nearly a third (29 percent) of businesses neglect to monitor their employees’ use of high-risk websites on the corporate network, providing employees with unrestricted Internet access, and potentially impacting the security of sensitive business data. 

When it comes to the preventative measures used to monitor external threat vectors, over a third (36 percent) don’t invest in security education for their employees and less than two-thirds (62 percent) conduct phishing assessments. In addition to this, three quarters (75 percent) don’t use cloud access security brokers and two-thirds (69 percent) don’t use single-sign-on services. Organizations appear to be taking the risky approach of simply relying on employees to use their common sense when it comes to cybersecurity, leaving valuable corporate data easily accessible to cybercriminals looking for the easiest way into the corporate network.

“With an influx of employees now choosing to work remotely from personal devices, many remain unaware of security threats and often access the Internet forgetting they’re still connected to the corporate network. Therefore, organizations simply cannot afford to rely on employees to know the impact of their personal habits on corporate cyber security, meaning proactive steps must be taken. Emphasis must be placed on IT and security training for employees to understand the need to avoid high-risk websites to preserve corporate integrity,” said Alvaro Hoyos, chief information security officer at OneLogin.

www.onelogin.com



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

   

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.