SOURCE: Clearswift


November 09, 2010 10:37 ET

New Report From Clearswift Highlights Need for Companies to Bring IT Security Policies Out of the Shadows

63% Blame Ignorance or Lack of Understanding as the Reason for Policy Breaches Within Organisations; Report Highlights Lack of Training and 'Blame Culture' Regarding IT Security Policies

LONDON--(Marketwire - November 9, 2010) - Clearswift, the software security company, has today unveiled new research highlighting a gap between corporate perception and reality when it comes to IT security policies. The report highlights a need for better and more frequent education of employees.

The new research follows on from Clearswift's April 2010 report, which illustrated a significant mind shift among businesses to show that the majority (54%) now feel Web 2.0 and other collaborative technologies are critical to the future success of their company, requiring a new approach to IT security (64%).

In Clearswift's new Security Awareness Report, released today, almost three quarters (74%) of the 2,000 office workers surveyed feel 'confident' that they understand internet policies, the type of policy designed to safeguard data and IT security as well as maintain productivity. But this confidence seems ill-placed given that a third of those surveyed have not received any training on IT security since joining their firm. This is particularly concerning considering that more than two thirds (62%) of respondents joined more than five years ago -- a virtual lifetime in technological terms. Perhaps not surprisingly then is that almost one in seven people fear they may currently be breaching corporate policy, albeit inadvertently.

"IT security companies have for too long made a living out of making their customers feel insecure, trading on fear and negativity to maximize profit. It is clear to me that to be more secure companies must first stop feeling insecure," said Richard Turner, Chief Executive, Clearswift. Turner continues, "By bringing IT security out of the shadows and educating employees on the risks and the protection in place, all organisations will ultimately benefit. Security should not be about cloak and dagger or fear and reprisals, it should be open, visible, evolving and engaging -- above all it should be born out of knowledge and understanding."

One in four of those surveyed felt that their company 'could be better' at communicating guidelines, with 63% blaming ignorance or a lack of understanding for security breaches suffered by their organisation. Perhaps this goes to show why 17% agreed that security policies are 'more about apportioning blame' than protecting data.

Richard Turner continues: "This ignorance and concern is just a hindrance in today's enterprises. It's time for companies to get to grips with making a policy a living, breathing part of their business that is relevant to everyday corporate life -- not just a tick in the box when it comes to an induction period. All too often, a policy is simply a document that is referred to only when something goes wrong -- almost proof that someone 'should have known better'. There is little or no point in having an IT security policy in place unless staff across the business is fully aware of it and, more importantly, understand the reasons why the rules are in place. Policy, not policing, is the answer to ensure confidence is well placed to tackle the challenges that organisations face."

Clearswift is today calling for email and web security to be brought out of the dark depths of the IT department to drive clarity across the organisation. Having relevant and current security policies in place means that organisations are enabling their employees to get on with the jobs that they need to do and aiding productivity and innovation.

About Clearswift
Clearswift's content-aware, policy based solutions enable over 17,000 organisations to manage and maintain no-compromise data, e-mail and web security across all gateways and in all directions.

About the research
This research, an online survey of 2,000 adult office workers in companies of more than 100 people or more, was conducted on behalf of Clearswift during September 2010.There were 500 respondents each in the UK, USA, and Germany, plus a further 250 each in the Netherlands and Australia.

Visit to download a copy of the research.

Contact Information


Keyword Cloud

View Website