Over 70% of office workers don’t know who to report to regarding a security breach

Fewer than a third of office workers in the UK and the US would know who to contact within their company if they suspected their computer or another device had been subject to a security breach, such as a compromised login or phishing attack.

This finding is part of a study conducted by security software provider IS Decisions, for the launch of the latest version of UserLock, its user access management software for Windows-based networks. The research also found that the majority (52%) of people do not realise that sharing their work-related logins can represent a significant security risk to their employer.

This behaviour and lack of awareness shows a shocking deficiency in effective training. Considering IS Decisions research has also found that only 21% of IT professionals put insider threats in their top three security priorities makes this even more alarming.

UserLock allows organisations to strengthen their defences against internal security breaches by implementing granular user access restrictions, real time network monitoring to detect suspicious behaviour, and the ability to remotely lock, logoff and shutdown user sessions.

These layered security levels extend the way we verify the user’s identity, to offer more protection especially when network resources include critical or highly sensitive information. The latest version, UserLock 8, brings several additions to the product, notably in helping guide and disseminate good user behaviour and enabling admins to better respond to potential insider security events.

These include:
· More intelligent threat detection – The real time monitoring now incorporates a risk indicator, identifying suspicious network access behaviour at a glance. The new User Status feature evolves according to the user’s actions and their customised authentication controls. It delivers a complete view of an organisation’s network activity and risks, allowing administrators to focus on activity deemed to be of risk or high risk.
· Compromised password protection – UserLock 8’s real time monitoring allows administrators to act immediately to compromised login credentials, but also alerts users when their login credentials are used (successfully or not) to connect to the network.
· Mobile administration – New remote session administration design allows facilitation from any device, so administrators can still respond rapidly on the move using a smartphone, tablet or computer.
· Secure privileged users – Settings, logs and policy rules can now be secured even for UserLock 8’s privileged users, protecting against bad behaviour by those who have administration rights and answering the need for many major regulatory compliance requirements.

François Amigorena, CEO of IS Decisions, commented, “The fact that the overwhelming majority of office workers have no idea how to report a security breach is a very worrying statistic. It needs to be addressed, but more training or stricter policies alone are not going to solve this problem.

“There is no silver bullet in managing internal security, but the feature updates to UserLock 8 will make the job of managing and securing a Windows network easier, as well as help educate users and promote better security behaviour. Greater control handed to administrators to monitor and restrict allows them to reduce surface area for potential attack, but things like user alerts reminds users of why policies are in place and how they should be behaving on the network.”