Nearly 80% of public sector employees ignore information security policies and indulge in insecure behaviour, according to a survey of IT security managers in 1,000 public and private sector organisations.
The study by SafeBoot, a supplier of mobile data encryption tools, found that 82% of organisations had a security policy, but 59% spent less than 10% of their IT budget on security. The most common methods of communicating the policy were via memos (34%) and e-mail (29%).
More than 50% of private sector respondents said at least half their staff ignored the security policy.
However, public sector staff scored worse that private sector staff in nearly every category of unsafe behaviour. Almost 90% of IT managers said staff would open unknown e-mails, and 75% connect private USB devices to work PCs.