31 March 2006: Staff misusing the Internet by accessing inappropriate websites remains the second largest cause of reported security incidents after viruses for large UK companies, according to findings from the 2006 Department of Trade and Industry's biennial Information Security Breaches Survey.
The survey went on to say that some 90% of all companies said protecting their reputation was one of the most important drivers for information security. Yet despite this, the majority of organisations still do nothing to audit or monitor for staff accessing digital pornography.
In order to assess their level of risk, companies need to understand the Severity, Likelihood and Visibility of the risk.
Severity: the severity of an illicit incident is typically high and can range from criminalisation through civil law suits to breach of corporate compliance.
Likelihood: The ICT fraud and abuse 2004 study by the UK Audit Commission said that "ICT abuse continues to rise and survey respondents generally felt more vulnerable in their use of ICTs". According to the Audit Commission's findings the highest growth of ICT incidents in the workplace is access of inappropriate material.
Visibility: According to the 2006 Department of Trade and Industry's biennial Information Security Breaches Survey, Only 1 in 6 companies scan for illicit content in emails. The worry for the others is what is slipping through the net via email, internet and other routes such as USB key, digital camera or mobile phone.
How can The Irish company Help?
In just one day, The Irish company can undertake a 'Discovery Audit in which The Irish company will scan a subset of your corporate network desktops, servers and email files for illicit image content in order to provide you with Visibility of the scale of digital pornography on your network. The Irish company will also provide you with a report assessing the Likelihood and Severity of inappropriate image material on your network based upon the image material found.
In business, image is everything
On 23rd June 2006, Merrill Lynch was reported to have told 20 staff in its Dublin to stay away from work after they had been caught sending pornographic email; at almost the same time, in the UK, the Driver and Vehicle Licensing Agency dismissed 14 of its staff for distributing pornographic email attachments.
"Such incidents are not uncommon" says John Nolan, CEO at The Irish company, an Irish company specialising in detecting and dealing with digital pornography abuse in the workplace. "About 95% of the companies we audit have unwanted digital pornography on their systems which we can identify and help eradicate. What is unusual about these reports is that both companies understand the business risk and have taken very positive action by sending out a clear message to staff and reassurance to customers that such abuse will not be tolerated."
Staff misusing the Internet by accessing inappropriate websites remains the second largest cause of reported security incidents after viruses for large UK companies, according to findings from the 2006 Department of Trade and Industry's biennial Information Security Breaches Survey.
This is borne out by a similar study undertaken by IBEC in Ireland which reported that almost 60% of companies reported computer misuse; the main types of misuse were inappropriate emails both internal and external and pornography.
"The risks to the corporation are high" says Nolan. "Companies can suffer from breach of corporate compliance, financial loss, brand damage, exposure to civil litigation and even criminal prosecution in extreme cases. Most companies either won't acknowledge that such activity may be happening in their organisation or put in limited software protection and assume that the problem has been dealt with - it hasn't."
Yet assessing the risk and tackling the problem is straightforward.
However, companies must first recognise the business risk and be prepared to takes steps to deal with it.
In order to assist companies understand how to deal with this high risk issue, The Irish company recommends the following actions:
1. Get visibility of your risk - by undertaking a discovery audit of email accounts, desktop PCs and server shares.
2. Clean up your act - deal with incidents identified in the audit, update your policies, communicate policies to staff and ensure staff comprehension.
3.Stay clean - maintain gateway protection and implement auditing and monitoring systems at the desktop / servers.
"Many companies call The Irish company in after they uncover an image incident but increasingly companies are calling us in order to see if they have problem" says Nolan "The Irish company offers a no risk, confidential way to quantify the risk, identify the perpetrators, help the company 'clean up their act' and to 'stay clean'."
How can The Irish company Help?
In just one day, The Irish company can undertake a 'Discovery Audit in which The Irish company will scan a subset of your corporate network desktops, servers and email files for illicit image content in order to provide you with Visibility of the scale of digital pornography on your network. The Irish company will also provide you with a report assessing the Likelihood and Severity of inappropriate image material on your network based upon the image material found.
This article was written by Colm Doherty of Pixalert - http://www.pixalert.com Data Loss Prevention | Email Monitoring Solution | Porn at Work. PixAlert is the market leader in products and services that provide detection of critical data for corporations.
- Related Videos
- Related Articles
- Ask / Related Q&A
Motivating Employees to Be More Productive
By: Mark Thomas Walters | 19/12/2009Using factors like money, job security, and a comfortable workspace, to motivate employees is often overestimated, as they generally only result in employees not becoming less motivated, as opposed to them becoming more motivated. They tend to sustain ther current level of motivation, but rarely increase it. A lot of people...
How to build Trust and Teamwork = TNT
By: Tyronne Jacques | 19/12/2009Accountability of each member in accomplishing the assigned objectives, and how we begin to fragment the enormity of the project.
The Importance of Project Managers in the French Translation Process
By: Samir | 18/12/2009There are many translation businesses that specialize in the English to French translation and French to English translation, so you will want to research them carefully, check references, and ask about their project management procedure. A translation company needs a strict project management procedure to track jobs received from the clients and performed in-house or subcontracted, control storage of source documents, translated files, and company's data bases, eliminate technical mistakes
How to Motivate Employees
By: A.Noton | 18/12/2009Do you find your employees only doing a half-hearted job? Do you feel that job satisfaction is dropping in your business? If so, you are not alone. Many people report lack of motivation among their employees, and often wonder what to do about it. The good news is that you...
Why Use a Change Management Consultant?
By: Stephen Warrilow | 18/12/2009Why use a change management consultant? This is a very good question because unless you are very clear about exactly what sort of help you need I would just simply say don't...
How to Select an External Service Provider For Change Management?
By: Stephen Warrilow | 18/12/2009In my view, issuing a written "Request for proposal" to potential service providers and inviting submission of a written proposal followed by interviews of the selected few is a waste of time. It is not possible to do anything other than provide a generic "cut and paste" response to this type of enquiry...
The Current State of Change Management in the UK
By: Stephen Warrilow | 18/12/2009The current state of change management in the UK is currently reactive to issues that show up on the board's radar rather than driven by strategic intent and innovation. All the evidence shows that change programmes are frequently badly thought out, managing change in the workplace is poorly executed and many do not succeed in achieving their stated objectives. The responsibility for this lies predominantly with the directors and senior management...
What is monitored with CMMS Maintenance?
By: Ashley Combs | 18/12/2009Computerized Management Maintenance Systems (CMMS) can help your business reach it’s full potential. Make sure you select the right one for your business though. With work orders, inventory control, and asset management systems included in each package, select the right functionality and watch CMMS work for your business.
The Irish Company Monitor FAQ
By: Colm Doherty | 31/03/2009 | ManagementWhat does The Irish company Monitor do? The Irish company Monitor is designed to monitor images being viewed on a PC or Laptop and provides multisource image detection and analysis. The Irish company Monitor is deployed as an agent from a central administration console to the Desktop environment within an organisation...
SafeScreen FAQ
By: Colm Doherty | 31/03/2009 | ComputersWhat does SafeScreen do? SafeScreen is designed to monitor images being viewed on a PC or Laptop and provides multi-source image detection, analysis and prevention. SafeScreen runs on computer start-up monitors and report on the images being viewed, and depending upon the product configuration, will prevent inappropriate and illicit images being...
An Irish Company Human Resources
By: Colm Doherty | 31/03/2009 | ManagementDept FAQ What if I have an AUP policy regarding illegal images should I still communicate the introduction of auditing and monitoring software? While such software products are tools for detecting the presence of obscene or illegal images, their long term value lies in their potential as a preventative mechanism deterring...
False Positives. Targeting Accurate Illicit Images Detection
By: Colm Doherty | 30/03/2009 | ManagementWhen discussing inappropriate image detection, the most common question posed is "What about false positives?". In this article, an Irish company explains the issue of false positives in simple terms. What is a false positive? One definition of a False Positive is: "A positive test result in a subject that does not...
No Nudes is Good News
By: Colm Doherty | 30/03/2009 | ManagementRecent statistics collated during 60 corporate audits undertaken by an Irish company between June and September 2006, found that 31.2% of the 5,000 PCs scanned contained digital pornography or other inappropriate images, 8% of the 5,000 email server accounts and 4.5% of 10,000 file server shares scanned were similarly affected....
Porn Images and the Public Sector
By: Colm Doherty | 30/03/2009 | ManagementAn Audit Commission report published in June this year highlighted a huge increase in the viewing of computer pornography by public sector workers. The report called for public sector organisations from councils and government departments to the NHS, police and fire-fighters to invest in technology to prevent inappropriate or illegal...
Assessing The Risks Caused By Illicit Images In The Workplace
By: Colm Doherty | 29/03/2009 | ManagementControlling the abuse of illegal and inappropriate images in the workplace is an increasingly important part of managing risk for an organisation. Private use of company computer resources for pornography can lead to a whole host of problems, from lost productivity, wasted computer resources and e-viral infections through to serious...