Security holes: The danger within

Significant destruction can be caused by employees, yet they continue to be overlooked as an IT security threat

Employees continue to be overlooked as an IT security threat, despite the significant destruction they can cause, according to one white paper.

A white paper released in the US by Web filtering vendor SurfControl found that more than 80 percent of security compromises faced by companies came from within.

Charles Heunemann, managing director at SurfControl in Australia, estimates that about 90 percent of Australian companies' intellectual capital is held in digital format. Heunemann believes it's this which makes it a convenient target for unauthorised electronic transfer.

The white paper also found that poor security policies and procedures and lack of staff education contributed to employees being an IT security risk.

"Whether incidents are due to malicious intent or inadvertent employee error, the result is the same: loss of revenue, productivity, and potential liability," said author Jack McCullough in a statement about the white paper.

"Many organisations only develop or update policies and procedures in reaction to a security compromise," McCullough said. "As a result companies are vulnerable, despite spending large sums on security products and consultants."

For all job and work-related news, or to search for a job and get information on training, go to ZDNet Jobs.

If you have something to say about work and employment issues say it here at the Jobs Forum.

Let the editors know what you think in the Mailroom.