Survey: End Users Biggest Potential IT Threat

May 29, 2007 ( - A survey commissioned by a Waltham, Massachusetts technology company found that while the perimeters of a corporate IT network may be secure, the biggest IT security dangers may be the end users.

The survey by Liquid Machines conducted by online survey services provider Zoomerang found that most end users are accessing and sharing information in potentially dangerous ways; are taking information with them when they leave jobs; and are wary of where information may end up when forwarding documents electronically.

According to a news release about the survey, nearly half of the respondentsadmitthat they’ve taken data – including documents, lists, letters, proposals and sales contacts – with them when they’ve left a job. By industry, technology employees were the most likely to have taken data with them, with 53% of respondents saying they have taken data with them to a new job.

Most respondents have found the means to take data with them – beyond simply e-mailing the documents, they are allowed to use peripheral storage devices such as flash drives (87%), external hard drives (69%) and MP3 players (46%) within the workplace.

Interestingly, among companies that allow at least one of these types of peripheral storage devices, 78% have policies that forbid access to business-related data when it is accessed outside of the office; these policies can easily be overridden by simply transferring the data to a storage device.

Respondents indicate a sense of paranoia around electronic documents, with many choosing to share hard copies of information rather than sending electronic documents, for fear the latter could be improperly forwarded. Technology workers are the most likely to take the paper route (47%) followed by manufacturing (42%) and financial services (40%).

Among manufacturing employees, a whopping 71% believe their competition has used its intellectual property; technology employees agree with this statement 63% of the time.

Despite concerns around data theft, 32% of respondents believe that more than half of their company’s data would be at risk if it escaped the network or confines of their office. Technology (43%) and manufacturing (39%) employees believe their companies’ risks are greatest.

Some 42% of respondents believe that security in place at their companies is nonexistent, not strong enough, the wrong type of security or too restrictive. By industry, 50% of manufacturing employees fell into this camp, as do 48% of those working in technology.

The 15-question survey was completed over a one-month period by 917 respondents who were invited to participate by Zoomerang, an online survey services provider. More information about the February 2007 survey is at .