By Tony Hallett, 5 March 2003 17:11
NEWS Nearly all companies now realise it is important to work to certain standards to maintain corporate security - so why is it fewer than one in ten are putting in place the necessary safeguards? That's the good and bad news that can be taken from a recent survey of 150 UK companies by Integralis. The systems integrator found that, despite heightened awareness of security issues, less than 25 per cent of organisations have any board level involvement in security, which is generally seen as an IT-led issue. Clifford May, principal consultant at Integralis, told silicon.com: "It's a matter of education at both the end user and board levels." Companies recognise they must defend themselves against the latest virus or hackers, yet all too often allow hardware to be carried out of an office by crooks posing as workers. Security standards - such as BS7799 - require ongoing education and advice, which could involve an up-to-date corporate intranet - or a notice board in a tea room. Integralis' May added: "Security responsibilities should be written into job descriptions. Any daily action has a security component. It could be being told an employee has left, so as not to grant them access to premises in the future, or telling directors not to give out information on the phone in public or using laptops on a crowded train carriage." Respondents to the latest survey said lack of boardroom support is still the biggest hindrance to getting a security strategy correct. The sectors making the most progress, showing awareness of the BS7799 part 2 re-write, are healthcare (67 per cent) and finance (64 per cent). Bottom of the heap was IT.
In order to post a comment you need to be registered and logged in.
Log in or create your silicon.com account below