SAN FRANCISCO - June 24, 2010 - Cisco today announced the results of a survey exploring the security implications of social networking and the use of personal devices in the enterprise. One of the most striking findings was that employees are consistently working around information technology security policies to use unsupported devices and applications. Another significant finding: 71 percent of the survey respondents said that overly strict security policies have a negative impact on hiring and retaining employees under age 30.
Conducted on behalf of Cisco by InsightExpress, the survey polled 500 IT security professionals across the United States, Germany, Japan, China and India. The results illustrate that the consumer influence on enterprise IT is growing and that more employees are bringing personal devices and applications into the network, presenting new business opportunities and security challenges. The survey explores the changing enterprise security landscape due to the evolving requirements of today's borderless networks, the benefits and drawbacks of accommodating an increasingly mobile workforce, and the challenges of protecting sensitive and proprietary data.
Highlights
- More than half of the survey respondents have determined that their employees use unsupported applications, including:
- Social networking – 68 percent
- Collaborative – 47 percent
- Peer to peer – 47 percent
- Cloud – 33 percent
- Nearly half (41 percent) of the respondents have determined that employees have been using unsupported devices, and more than one-third of that number said they have had a breach or loss of information due to unsupported network devices.
- Despite these trends, about half (53 percent) of the IT respondents said they are likely to allow personal devices on the network in the next 12 months and 7 percent already support personal devices.
- More than half (51 percent) listed "social networking" as one of the top three biggest security risks to their organization, while one in five (19 percent) considers it the highest risk.
- Social networking tools are an unprecedented and highly beneficial tool for many parts of organizations, including human resources, marketing and customer service.
- Nearly three out of four survey respondents said that overly strict security policies have a moderate or significant negative impact on hiring and retaining employees under age 30.
Supporting Quotes:
- Fred Kost, director, security solutions, Cisco, said:
- Chris Christiansen, program vice president, Security Products and Services Group, IDC, said:
"As the lines between personal and business computing increasingly blur, it is becoming clear that employees are going to use social networking and personal devices whether permitted or not. The best strategic approach is to focus less on restricting usage and more on effective solutions to ensure highly secure, responsible use. These solutions involve more than technology. Organizations should develop education programs, corporate policies and best practices in order to realize the extensive business benefits of social networking while protecting against the variety of potential threats that it can present."
"Increasingly, unapproved and unmanaged personal devices in the corporate environment are hastening the need for more intelligent security management. These "solutions" must deal with difficulty of protecting individuals and corporations while providing a positive user experience and corporate data access from any device, anywhere, anytime."
Supporting Resources:
- Full Survey Results - Cisco: Consumers' Influence on Enterprise IT
- Read Cisco Senior Security Advisor Christopher Burgesss' blog post, "Social Media – Security Risks? It Depends Where You Happen to be Sitting"
- Video: Cisco Senior Security Advisor Christopher Burgess discusses the importance of the responsible use of social media
- Cisco Security Intelligence Operations
- Cisco Security products and services
- Follow us on Twitter @CiscoSecurity and become a fan on Facebook
- Visit the Cisco Security Blog
- Read Cisco Security Strategy Explained: Q&A With Cisco's Tom Gillis
Technorati Tags:
Cisco, cloud, security, network security, spam, virus, social media, network devices, social networking, survey, enterprise security, survey, borderless networks, insider threats, Christopher Burgess, security policy, IT Consumerization