Nearly 80% of public sector employees ignoreinformation security policiesand
indulge in insecure behaviour, according to a survey of IT security
managers in 1,000 public and private sector
organisations.
The study by
SafeBoot, a supplier of mobile data encryption tools, found
that 82% of organisations had a security policy, but 59% spent less
than 10% of their IT budget on security. The most common methods of
communicating the policy were via memos (34%) and e-mail (29%).
More than 50% of private sector respondents said at least half
their staff ignored the security policy.
However, public sector staff scored worse that private sector
staff in nearly every category of unsafe behaviour. Almost 90% of
IT managers said staff would open unknown e-mails, and 75% connect
private USB devices to work PCs.
