Clavister study: human error is vulnerability number 1 Hamburg, December 1, 2008, as many policies and training methods are used human error continues to be the greatest danger to the security of a company. This is the worrying result of a study conducted on behalf of the Swedish manufacturer of network security solutions Clavister by YouGov. So are 86 percent of the respondents IT directors of believe that their own employees are the most common cause of security problems. Problems of the study to result even on policies and introduced training. The reasons for this are varied and are all in the nature of man. Amazon is often mentioned in discussions such as these. Security breaches are according to the study, 37 percent simply due to errors. However, another 31 percent of participants make ignoring the agreed policies on the part of the staff about the root cause. The fact that the staff often not on the rules is made aware or sufficiently trained.
see 13 percent as crucial. Five percent of respondents hold the deliberate undermining of policies with the aim of industrial espionage for the highest risk. Size and location of the company are irrelevant to the result of the survey. For this reason, is Clavister current IT security solutions and policies in question and the challenge to tackle the problem of human error and misconduct. The purpose of a security policy is that unauthorized users get no access to the network, while potentially dangerous users within the organization can be monitored,\”explained Vice President product management at Clavister, Andreas asander.
But to meet compliance rules is not easy. The documents, in which security policies are set, fail but often very extensive and technically, so they are mostly incomprehensible and therefore irrelevant for the average employee. So that security policies are followed, users must have their Recognize importance of personal and professional perspectives.\” So companies with the following six rules are 6 tips for an effective policy Clavister assistance for writing an effective security policy at hand: write the policy in simple and understandable language.