With the proliferation of Bring Your Own Device (BYOD), the Internet of Things (IOT), wearable technology and office-based cloud applications, IT security procedures within any organisation must prioritise shaping employee behaviour as one of the major risks within today’s cyber workforce.

Employee misbehaviour – whether clueless, careless or malicious in nature – is often the primary reason behind the loss of sensitive data and enterprise devices. In fact, a recent ITIC Security Deployment Trends survey discovered that 80 percent of respondents claimed the actions of permitted end users pose the biggest threat to organisational security.

However, training and admonitions can only go so far. The reality is that a 100 percent cyber security trained and attentive workforce simply cannot be achieved. Security education is an ongoing work in progress, which should be constantly audited, updated and improved, but cyber security best practices require more. For IT managers trying to navigate the murky security waters to those best practices, four steps, as outlined in this article, are essential to ensuring computer data security is as efficiently and effectively achieved.

Protect the data, not the device

Infrastructure in an age of BYOD and IOT has too many vulnerabilities. Security professionals must shift their traditional mindset by focusing on protecting the data over the infrastructure. Security must not be just at the boundaries; security must be granular and omnipresent within a network or an application.

Jul-Sep 2015 Issue