Management and employees out of step on IT policies
Email encryption specialist DataMotion has released the results of its second annual survey focusing on email and file transfer habits.
This highlights a wide-ranging communications disconnect between IT management and non-IT employees on security and compliance policies.
Among the statistics to emerge from the survey are that while over 51 percent of IT managers say that free consumer file transfer products were forbidden at their companies, only 24 percent of non-IT workers believe that to be the case.
A similar picture emerges with BYOD. 56.1 percent of IT managers say they have a BYOD policy, yet 74.9 percent of non-IT employees say their company either doesn’t have a policy or are unsure. This is more surprising since over 86 percent of those same organizations say they allow the use of mobile devices for email.
Things are no better when it comes to compliance. Nearly 80 percent of respondents believe that co-workers and employees violate security policies when transferring files electronically. IT managers are offenders here too, with one in five saying they "take risks because we don’t have the resources to be totally compliant". Also almost a quarter admitted to turning off policy-based filtering because it caused problems with false positives.
There are some improvements over last year’s survey, however. 71.7 percent of respondents say they now have email encryption capabilities, a 6.2 percent increase over 2012 survey results. Confidence in compliance has improved too with 48.1 percent feeling "very" confident their company would pass a compliance audit, compared to only 37.5 percent a year ago.
"It’s good to see improvements in security and compliance since last year, but serious problems remain and new ones have cropped up," says DataMotion's Chief Technology Officer, Bob Janacek. "There’s always a demand for new tools such as email on mobile devices -- companies and workers look for better ways to get the job done. The challenge is to provide encryption and filtering tools that are easy for people to use, and dependable so they don't get disabled".
The survey polled more than 400 IT and business decision-makers across the US and Canada. It particularly focused on those in industries which routinely deal with sensitive data and compliance regulations, such as financial services, healthcare and government.