This doesn’t seem to be getting better.
“According to this year’s Dell End-User Security Survey, a staggering 72 percent of employees are willing to share sensitive, confidential or regulated company information inappropriately. Those surveyed were not malicious but rather were just trying to do their jobs the best they could.”
Clearly, we aren’t doing something right, and I suspect part of it is that security is still getting in the way of people getting work done, thus their willingness to route around it. How do we correct that?