Often times, taking short-cuts leads employees to stray from the agreed-upon process put in place. That can be risky and disastrous. Enforcing compliance and reducing project risk is one step to take the ensure quality.
According to the May 2015 Business Risk Index by the Travelers Insurance Company, 59% of large businesses indicated that they worry a great deal/somewhat about “EMPLOYEES PUTTING INFORMATION/SYSTEMS AT RISK THROUGH UNSAFE COMPUTING PRACTICES, USING PERSONAL DEVICES FOR BUSINESS.”
First of all, what’s with the other 40%? Do they think they are prepared, or are they just irresponsible?
But, for the sixty percent who ARE worried, what can they do about it that will make a difference?
The employees got the memo last year. The reminder signs on the walls help. Not as much as gluing shut the USB and DVD openings on company PCs, but they help some.
How about your weekly assessment that asks employees if they took all of the precautions they are supposed to take? You know, the survey that goes over every possible way an employee COULD compromise security? That’s right, the survey that continuously asks every employee whether they are aware of, and following, the company security protocols.
I realize it is a PITA to make sure continuous education happens and to ‘test’ people to make sure they get it. But, if you DON’T have a weekly survey that reinforces the security practices message then you are asking for trouble. It’s that simple.