IT Professionals’ Security Concerns Extend Beyond Hackers
Sungard AS survey finds risky employee behavior and need for greater cloud security as top worries
Wayne, Pa. – March 3, 2015 – IT professionals believe their organizations aren’t doing enough to protect critical data and systems, found a survey commissioned by Sungard® Availability Services™ (Sungard AS) – a leading provider of information availability through managed IT, cloud and recovery services.
What is triggering this belief? Poor employee security behavior – such as bad password “hygiene” and overall security awareness – and the need for greater cloud security rise to the top of the list. These two diverse concerns tell us one glaring fact: security is a threat from all angles, even if unintentional.
Employees unknowingly sabotaging security
One misconception when it comes to organization security is that threats typically come from outside an organization. The truth is, many security breaches originate from within the walls of a business and are driven by ignorance.
IT professionals point blame on their colleagues for one of the biggest threats to their organization’s overall security. Nearly two-thirds (62%) of survey respondents ranked leaving laptops and mobile phones in vulnerable places as their organization’s most common security threat, followed by employee password sharing (51%).
Concerning password hygiene, respondents say the most important components to a password’s health relate to avoiding adjacent keyboard combinations – such as “qwerty” – and to changing passwords often and using a password just once.
The importance of stringent security plans in all areas of an organization – from employee personal devices to cloud platforms – is vital in today’s “always-on” world where security threats change daily. In this environment, internal penetration testing, where an ethical hacker attempts to gain access to a company’s systems, can be one way of ensuring IT security and resiliency.
Cloud security: Critical factor, yet overlooked
Concerning the health of an organization’s IT infrastructure, three-out-of-four (76%) IT professionals believe their organizations could do more to improve cloud security. More than half (54%) of respondents say security is the most critical factor for companies to consider when making the decision to move to the cloud. Yet, it’s also the most overlooked.
“Too often, IT managers fail to ask cloud providers the targeted security questions that will help them create a strong cloud transformation plan and a sustainable security plan after go-live,” maintains Matt Goche, director, Security Consulting at Sungard AS. “Our data reveals a disconnect. People know cloud security is important but aren’t taking the necessary precautions to safeguard their organization’s resiliency.”
The surveyed IT professionals recognize this disconnect and agree there needs to be an increased emphasis placed on security in the cloud. The majority of respondents identified security as the one factor given insufficient attention when making the decision to move to the cloud, followed by vendor support and cloud-based disaster recovery.
“The writing is on the wall. IT professionals – beyond those who focus solely on security – are worried about internal and external threats that could put their organization in a compromising position,” concluded Goche.
The survey, conducted by SurveyMonkey Audience for Sungard AS, reached 276 IT professionals and was completed in December 2014.
About Sungard Availability Services
Sungard® Availability Services™ (Sungard AS) has more than 30 years of experience providing flexible availability services that help ensure organizations keep applications always on, always available. The company leverages its proven expertise to provide managed IT services, information availability consulting services, business continuity management software and disaster recovery services to clients in North America, Europe and India. Sungard AS helps customers improve the resiliency of their mission critical systems by designing, implementing and managing cost-effective solutions using people, process and technology to address enterprise IT availability needs.
Sungard Availability Services is a trademark of SunGard Data Systems or its affiliate, used under license. The Sungard Availability Services logo by itself is a trademark of Sungard Availability Services Capital, Inc. or its affiliate. All other trademarks used herein are the property of their respective owners.