Businesses are leaving themselves vulnerable to IT security breaches by failing to incorporate suitable training in employee inductions, according to the findings of a European-wide survey of small and medium-sized companies.

The research suggested that while most companies valued employee inductions very highly, only 32% included security as part of that process and just 39% outlined an internet usage policy. This is despite 73% of firms claiming to have reviewed their induction policy over the past 12 months.

In some cases, this was because the company did not even have a set policy on IT security, the research conducted on behalf of McAfee suggested.

Just 39% had guidelines for employees on email content and language usage, while 28% had policies on using portable storage devices and 23% had laptop usage procedures. Taking IT equipment outside company premises is one of the most likely ways to lose both equipment and data.

Companies were more aware of the problems of spam and viruses, the survey found, with 50% providing guidelines on spam, viruses and software/file downloads.

“While many businesses make a priority of employee induction, many are failing to effectively cover a major part of any employee’s working life, their PC and internet usage policies,” claims Greg Day, a security analyst at McAfee.


“Companies are failing to capture the opportunity presented by new starters to instil a sense of vigilance and security into the workforce,” he added. “This oversight, coupled with a clear lack of enforcement, increases the risk of new employees either consciously or inadvertently breaching corporate security protocols.”

The research also revealed a culture of ‘responsibility roulette’, where employers and employees thought the other should take control of ensuring IT equipment and data remained safe. For example, 67% of business owners believed employees were to blame if a laptop was stolen off work premises and 55% felt employees were guilty if a personal email spread a virus on a company server.

McAfee recommends companies follow a five-point plan to ensure they have a policy on IT security and new employees are properly briefed:

Cover all the bases: ensure that existing induction materials give sufficient time to security risk exposure. This may highlight shortfalls in your business’s current approach to security

Understand existing employee perceptions: evaluate how informed the existing employee base is on security issues such as email disclaimers, spam mail and mobile working

Bring clarity to risk responsibility: start your risk review by refreshing your company’s understanding of where responsibility resides for security risk issues. Trade and government websites make a good reference point

Independent analysis: invite an independent third party, partner business or customer to undertake your induction process and provide feedback on areas where information could be improved

Create virtual security officers: identify key personnel who can take responsibility for ensuring a vigilant approach to information security and employee awareness