IT security solutions may be in place across the enterprise, but best practice training lags behind significantly.
Aug 27th, 2014
Few decision-makers recognize how crucial end-user education is to the overall success of a security plan, expecting that IT solutions will protect sensitive assets all on their own. In reality, technology generally holds up its end of the bargain—human error is actually most common cause of data breaches and other devastating cyberattacks that continue to make headlines across the private and public sectors. Business leaders must take a holistic approach to network protection if they want to remain a step ahead of attackers, and this means leveraging training programs to keep employees in the loop.
Tech solutions aren't enough
The perception of network security as a singular issue demanding a one-size-fits-all solution is far from the truth in the modern tech landscape, as hackers have developed ways to bypass infrastructure defenses with incremental advances in their own tools and techniques. With perpetrators always looking for the next digital gold mine in the form of sensitive databases and user credentials, executive leaders must approach their defensive efforts with a similarly dynamic and ever-evolving mindset as their Web adversaries. In other words, security is an ongoing project in constant need of assessment.
While many companies have wisely employed solutions such as hosted firewalls, private network circuits, and secure file transfer software to bolster their defenses from a purely technical perspective, the end-user knowledge required to take full advantage of these resources is shockingly absent across the enterprise. According to an article from IT Business Edge, most bring-your-own-device adopters don't even have a basic understanding of the consequences that poor practices can have on their organizations. The source pointed to Softpedia research exposing this widespread ignorance.
"For instance, 30 percent leave mobile devices unattended in their vehicles and 33 percent use the same password for both work and personal devices," the survey was quoted. "Furthermore, 35 percent have clicked on a link contained in an unsolicited email, 58 percent store sensitive information on their mobile devices, and 59 percent have admitted storing work information in the cloud."
A holistic approach is needed
Continuing to leave end users in the dark with regard to security best practices is as good as distributing sealed invitations to the world's most devious cybercriminals, offering an unguided tour of company networks. Training must be viewed as a central element of network protection if business leaders want to protect their assets with 360-degree vigilance.