Your People Are Routing Around Your IT Security
Let’s face it, they are, at least according to a recent report from Hysolate:
Overall, the Hysolate survey found that virtually all employees (93%) “are working around IT restrictions,” and a mere 7% said they were “satisfied with their corporate IT restrictions.” Interestingly, this information about IT workarounds does not match security leaders’ and IT expectations. For example, security leaders believed 43% of users are “in most cases working around IT restrictions” and IT respondents believed 23% of users are working “around IT restrictions most of the time,” per the report.
I mean 93%? Yeah, at that rate, someone in your organization is absolutely working around your restrictions. It’s not even that they are just not cooperative, turns out most of them are just trying to get their work done and finding access to websites and tools that are part of their job, things like sharing data with customers, partners, clients, etc., are blocked by the current IT policies.
This tells me that there are a number of things going on, possibly.
- The rules are too strict and too inflexible. – Having a website or file storage location that a third party is using to work with your folks, that they can’t get access to means they don’t even bother coming to you anymore. That’s not good.
- Your users do not have the proper tools to collaborate with people outside of your environment.
- Your impression of how often this kind of thing happens is probably wrong.
That combination of things points to one, larger, issue. There’s a pretty large communication gap between IT and business users. The security restrictions that exist are getting in the way of people getting work done, and rather than ask for them to be changed, users simply work around them using their own tools, maybe even their own laptops, or network connections, and the IT folks don’t even know this is happening.
That’s a recipe for disaster. It might be time to work on communicating with your users, and of course when I say “communicate” that absolutely means listening too.
Follow these topics: Security
