Businesses still consider desktop users to be the biggest security risk to their networks, despite increased concern over outsourced labour and remote users.
Sophos today revealed figures from its latest network security survey, which indicates that businesses still see office-bound employees as those most likely to expose their networks to IT threats.
Such users were considered the greatest threat to security by 44 percent of respondents.
While office bound employees have consistently topped the list of those thought most likely to compromise network security in past surveys, they have lost ground to remote and mobile employees, who are considered to be a greater security threat by 31 percent of respondents.
Other users considered to be a threat to network security include contractors and outsourced labour, at 14 percent, and guests, 11 percent.
Sophos's head of technology, Paul Ducklin, said: "This is a representation of how common telecommuting and remote working has become," to the extent that half of those in the office are also remote workers.
"The obvious thing we can draw from the results is that administrators haven't become complacent about desktop security," said Ducklin.
Ducklin also pointed out that while some organisations employ a "stricter regiment for outside than inside" the physical risks to equipment associated with mobile users -- such as the loss of or damage to a laptop -- are unavoidable.
The gap between desktop-based and remote users is also being closed as a result of the increased use of mobile storage devices such as USB keys, which contain data that may have been transferred from any number of sources onto a network.
"Administrators are realising that the risks exist wherever you use your computer," added Ducklin.
A few comments I'd like to make on this topic,bearing in mind this is only my personal opinion.
First,we should all stop playing the blame game and get real.Second,as a former Admin person,now retired;I have seen an awful lot of companies out there that,while they employ an IT person,the final say still rests with the owners/CEO's/Board.Many times,the ideas,options laid out by a IT person are not accepted whether due to cost factors or stubborness.This creates a great deal of frustration for the fellow who is trying his/her utmost to do the job properly.Next,there is absolutely NO excuse for those employees who possess a company-owned Laptop to either lose it or damage it.This is a concentrated TRUST factor.Once said employee leaves the company property,it should be a hard and fast regulation that the employee doesn't stop anywhere along the route home.make sure Laptop is right beside you in the vehicle,in your lap via public transit and so on.Any employee would,in my own opinion,be granted only the one chance to carry company details home to continue work.Damage or goodness forbid,losing it should result in the privilege being revoked permanently.NO leeway.Whether it is a desktop or a laptop involved,no-one should be allowed to work from home without a secure,locked-down connection to the company database.Be surprised how many do not have this.How many simply take this for granted.IF there is no Lock icon somewhere on the page one is working on,STOP,period.As to office-bound employees being at fault,this,to me,stresses the lack of proper training to begin with!.I'm not about to find fault with Sophos or anyone else but this blame game,always lays the blame at the feet of EMPLOYEES,no so.Company owners,CEO's and Boards of Directors have to give their individual heads a shake and come clean,take responsibility where it is due.Therefore,let's all get on the same page on this issue,work together for the betterment of all concerned.I'll stop here as this is just too large an area/topic to do proper justice here.Like it or not,this is how I would work it were I still involved.My thanks