Employees Sneaking Past IT to Run Unsupported Apps

Have you discovered the users at your organization running a lot of unsupported programs and devices? A recent survey (PDF) from Cisco (News - Alert) found that more employees are working around IT security policies to use personal hardware and software that’s not sanctioned by the company.

Around 500 IT security pros in the U.S, Germany, Japan, China, and India were surveyed by InsightExpress on behalf of Cisco for a June security report. The purpose of the survey was to uncover possible security issues by examining how corporations track vulnerabilities and enforce their own policies.

The survey discovered that the consumer technology market is increasingly influencing the corporate IT market as more people bring in personal gadgets and software to use at work. Social networking was cited as the most common type of unsupported application, as 68 percent of the IT pros surveyed said they’ve found their employees using social networks.

More than half (51 percent) said they see social networks as one of the three largest security risks, while 19 percent see it as the top risk. Even further, 71 percent of those questioned said that restrictive security policies have hurt the ability of their companies to hire and keep workers under 30.

Beyond social networking, collaborative software, peer-to-peer applications, and cloud-based apps were also high among the list of unapproved software being used by employees.

Though employees may not be aware of it, this trend is triggering greater security challenges among IT staff to secure the network and protect a company’s confidential data. Among the 41 who said they’ve caught users with unsupported devices, more than one-third reported a security breach or loss of information as a result.

Yet the use of unsupported software and hardware presents a Catch 22. For example, applications such as social networks may pose a security risk, but they do offer value to HR departments, marketing groups, and customer service centers. Around 53 percent of the IT pros questioned said they are likely to allow personal devices on the network over the next year, while 7 percent said they already support the use of such devices.

What can IT do to better handle the use of unsupported devices and programs? The best approach, believes Cisco, is to focus less on restricting their use and more on making sure they’re used in a responsible way. Beyond relying on technology to monitor or deal with unsupported software, organizations should educate users and develop corporate policies that explain both the benefits and the risks of using applications such as social networking.

The survey questioned 512 IT security decision makers in companies with at least 100 employees from April 2 to 14 earlier this year.