Security: Whose job is it anyway?

A global security survey revealed that security updates all too often fall through the gaps, and that there was considerable uncertainty as to whose role it was to implement security checks and updates.

62% of respondents believe the responsibility for IT security lies squarely with the IT department, whereas the bleak reality is that only 35% of IT departments proactively carry out any upgrades to anti-spyware software, leaving the employee and company vulnerable to attack.

In truth – everybody has their part to play. Users must be educated in what constitutes risky and unacceptable behaviour through clearly communicated Acceptable Usage Polices.

Of course implementing effective network security that monitors and prevents risky behaviours is the responsibility of the IT department. The choice of security solutions, and the update policy to manage new threats must be tailored to the needs of the organisation and extend out to cover mobile users – clearly a major source of risk.

The latest generation of solutions are making life increasingly easier in this respect. For example opting for a managed service option provides on-demand security for office-based and mobile workers and ensures the very latest updates are all in place, to guarantee optimum security and meet the agreed SLA.

However it is unlikely that a single solution will provide all the protection required and organisations must ensure they have a multi-layered approach – often mixing service and product based solutions that can deliver high-end security functionality for Web, e-mail and mobile storage devices, to mitigate against risk and protect the business - keeping your intellectual property close, and the threats to it even closer.