Almost half the IT managers believe that opening an unknown attachment is the most serious security offense that their users can commit, according to a recent poll of IT administrators and security consultants conducted by WatchGuard Technologies, Inc.
Seventy-nine per cent of the respondents also indicated that a virus has successfully penetrated their network defenses at least once in the past year, WatchGuard said.
Results from a related survey conducted by the company, indicate that only 7 per cent of users obey security policies to the letter, while a shocking 46 per cent do not even try to work securely.
"While recent high-profile virus attacks have led many organisations to take more stringent measures to educate users, these findings suggest that trying to enforce security policies only through behavior modification is a risky proposition," said Mark Stevens, chief strategy officer at WatchGuard.
"The safest option is to deploy a security solution that can identify threats within the application layer and remove potentially dangerous attachments altogether," added Stevens.
WatchGuard also asked IT managers to share their strategies for preventing users from opening unknown attachments. The most common response was to filter unauthorised attachments at the firewall before they reach the user.
When asked to identify the user errors or habits representing the most severe breaches of security, 40 per cent of respondents said that opening an unknown attachment is more damaging than failing to implement mandatory virus updates, installing an unauthorised wireless network or making a password easily accessible to others (each selected by 14 per cent of respondents).
The results of the survey indicated that administrators perceive infected attachments to be the greatest security threat to organisations, despite the fact that most organisations have anti-virus software in place. In a separate poll, WatchGuard asked IT managers whether their users obey company security policies. Though the findings showed that 47 per cent of users mostly adhere to their organisations' policies, a large percentage -- 31 per cent -- only do so when it suits them
A further 12 per cent obey security policies only by chance and three per cent ignore the rules altogether.
A summary of the responses is available online at www.watchguard.com/lsspoll.
