Forty percent of network administrators say their biggest concern is that their users 'fail to adhere to company security policies', according to a new survey by Amplitude Research, based in Bingham Farms, Mich., and commissioned by VanDyke Software Inc., an Internet communications software company based in Albuquerque, N.M.
Even though many network administrators and managers distrust users, only 50 percent say they are comfortable with monitoring employee usage of the Internet. The survey also shows that rules-based software, server log analytics, and dedicated monitoring applications are the most widely used solutions, with few respondents saying they use keystroke loggers.
Behind their worries over user actions, administrators ranked their top concerns as a security breach to their network, the lack of a recovery plan, and viruses and worms.
''The human element continues to be a primary cause for concern to network administrators,'' says Jeff P. VanDyke, president of VanDyke Software. ''We hear about individuals who have been burned by phishing scams, an employee who leaves his or her laptop at an airport, or on-the-go professionals who log on to the Internet via a less-than-secure-but-available wireless network.
''What this year's survey responses indicate are that network administrators and managers feel they're comfortable with their performance in managing technology and solutions to protect their networks and data. It also appears that they generally have neither the mandate from top management nor sufficient budgets to train employees in proper security awareness and practices.''
Despite their concerns about users, worms and break-ins, when asked what keeps them up at night, 43 percent of network administrators surveyed say they sleep like a baby.
Survey respondents generally expressed satisfaction with the current security at their organization in areas like desktop PCs, remote access, and physical security. Data centers/server farms, however, scored the highest level of satisfaction with more than 70 percent of administrators saying they are content with its security.
In addressing their organization's information security issues, 88 percent of network administrators say they use internal staff and resources; 10 percent say they employ a security consultant to advise and assist internal staff, and 2 percent say they outsource to a managed service provider or consulting firm.
The study surveyed 335 network/systems administrators and networking managers.