News Release

Cisco Security Survey Spotlights Consumers' Influence on Enterprise IT

More Than Half of Security Professionals Report That Employees Use Unsupported Applications and Devices Despite Strict Policies
Jun 24, 2010

SAN FRANCISCO - June 24, 2010 - Cisco today announced the results of a survey exploring the security implications of social networking and the use of personal devices in the enterprise. One of the most striking findings was that employees are consistently working around information technology security policies to use unsupported devices and applications.  Another significant finding: 71 percent of the survey respondents said that overly strict security policies have a negative impact on hiring and retaining employees under age 30.

Conducted on behalf of Cisco by InsightExpress, the survey polled 500 IT security professionals across the United States, Germany, Japan, China and India. The results illustrate that the consumer influence on enterprise IT is growing and that more employees are bringing personal devices and applications into the network, presenting new business opportunities and security challenges. The survey explores the changing enterprise security landscape due to the evolving requirements of today's borderless networks, the benefits and drawbacks of accommodating an increasingly mobile workforce, and the challenges of protecting sensitive and proprietary data.


  • More than half of the survey respondents have determined that their employees use unsupported applications, including:
    • Social networking  – 68 percent
    • Collaborative – 47 percent
    • Peer to peer – 47 percent
    • Cloud – 33 percent
  • Nearly half (41 percent) of the respondents have determined that employees have been using unsupported devices, and more than one-third of that number said they have had a breach or loss of information due to unsupported network devices.
  • Despite these trends, about half (53 percent) of the IT respondents said they are likely to allow personal devices on the network in the next 12 months and 7 percent already support personal devices.
  • More than half (51 percent) listed "social networking" as one of the top three biggest security risks to their organization, while one in five (19 percent) considers it the highest risk.
  • Social networking tools are an unprecedented and highly beneficial tool for many parts of organizations, including human resources, marketing and customer service.
  • Nearly three out of four survey respondents said that overly strict security policies have a moderate or significant negative impact on hiring and retaining employees under age 30.

Supporting Quotes:

  • Fred Kost, director, security solutions, Cisco, said:
  • "As the lines between personal and business computing increasingly blur, it is becoming clear that employees are going to use social networking and personal devices whether permitted or not. The best strategic approach is to focus less on restricting usage and more on effective solutions to ensure highly secure, responsible use. These solutions involve more than technology. Organizations should develop education programs, corporate policies and best practices in order to realize the extensive business benefits of social networking while protecting against the variety of potential threats that it can present."

  • Chris Christiansen, program vice president, Security Products and Services Group, IDC, said:
  • "Increasingly, unapproved and unmanaged personal devices in the corporate environment are hastening the need for more intelligent security management. These "solutions" must deal with difficulty of protecting individuals and corporations while providing a positive user experience and corporate data access from any device, anywhere, anytime."

Supporting Resources:

Technorati Tags:

Cisco, cloud, security, network security, spam, virus, social media, network devices, social networking, survey, enterprise security, survey, borderless networks, insider threats, Christopher Burgess, security policy, IT Consumerization