Canada’s IT security professionals are coming around to providing a more open IT scenario in the workplace that would allow employees to use their own devices and access social networks, according to a study released today.
Security administrators interviewed in cities across Canada say that taking a “yes” approach as an organization leads to better security than a “no” mindset, according to the 2013 Telus-Rotman IT Security Study. The philosophy being that when employees on turned down on a request to use their shiny new tablet for work, they just go ahead and do it anyway, circumventing company security policies. This ends up creating more risk for an organization.
Related Blog Post: BYOD is not just about mobile devices
But coupling a “yes” attitude to allowing personal devices behind the firewall must come with creating the right policies and educating workers, security professionals say. Otherwise you could find your company has happy, productive workers, but a breached security perimeter. Having a “no” policy coupled with education and awareness of why decisions are made can work for better security, the security pros agreed, but stifle a company’s potential for innovation.
The Telus-Rotman security study takes a qualitative approach this year, adding to previous years of quantitative data being collected. The idea that allowing employees more access to public cloud sites is proven in past year’s data. For example, firms that block social networking sites for security reasons actually saw more security incidents over a 12-month period, according to the 2011 study. Firms that blocked social network sites saw 10.3 incidents on average, compared to 7.2 incidents on average for firms that didn’t block social networking sites.
The study authors recommend organizations take the “yes” approach to security, allowing new technologies to be used in the most secure way possible without impeding on convenience too much.
