Three-quarters of CIOs have confidence in their company’s IT security, but there are plenty of reasons to wonder why they do. In our survey, we asked about 14 IT security practices and about seven general practices for protecting customer and employee data. Of them, only three are in place at 80 percent or more of our respondents’ companies. Some policies, such as rules governing working with company data outside the office, the use of instant messaging, and password protection for hard drives, are done by only about half of respondents.
The reality? IT security is still riddled with holes. Antivirus software is almost ubiquitous and VPNs are now commonplace, but that’s not enough to ensure security. If companies want to get serious about preventing thieves from stealing data, they will have to start closing these gaps.
For more data and analysis, see CIO Insight ‘s Research Center blog at go.cioinsight.com/researchcentral.
Next page: Most companies still don’t do enough to keep employee and customer data private.