Survey findings from Cisco Systems‘ (NASDAQ: CSCO) Connected World Report reveal that although many companies may have IT policies in place, there’s still a large disconnect between employees and their IT departments.
The Cisco-sponsored global study was conducted by InsightExpress and included responses from 13 countries, including the United Kingdom and the U.S. The study was made up of two surveys, one focused employees and the other on IT professionals. Each survey gathered responses from 100 people from each of these countries.
The survey found that while 82 per cent of respondent companies had IT policies, 24 per cent of the individuals were unaware these policies were in place. Furthermore, 23 per cent said their respective companies don’t have any IT policies on acceptable device usage. With these combined percentages, that means almost half of the respondents either don’t have an IT policy in place for device usage, or they’re simply unaware that a policy exists.
Neil Wu Becker, research program manager at Cisco, told a webcast that with the growing trend of consumerization in the workforce, the need for flexibility around how employees work and communicate is key.
“It’s about corporate readiness and awareness,” Wu Becker said. “Of the employees who admitted to breaking IT policies, 41 per cent said it was because they needed restricted programs and applications to get their jobs done.”
Wu Becker cited another finding where 20 per cent said they break IT policies because they don’t think their company and/or its IT team will actually enforce it.
Also, with the increasing trend of mobility both in and out of the workplace, more employees are now expecting to be able to bring and use their personal devices in the office.
According to the survey, 18 per cent of employees said they’re not allowed to use their iPods at work, while the same percentage said they’re also restricted from using any personal device such as employee-owned laptops or phones. Wu Becker said that while these rules may be in place, some employees may not adhere to them because they want to have that flexibility and freedom to connect to any device from anytime, anywhere.
Marie Hattar, vice-president of borderless networks at Cisco, said it may be a matter of IT policies not being able to keep pace with the rate of device innovation.
“Sometimes when you try to be more secure, you tend to ratchet things down more and you tend to say ‘no’ more than you actually say ‘yes,’ she said. “There are so many new applications out there with social media, so some companies may have a policy to say you can’t use this, so employees will then find another application to use as a workaround.”
Ray Smets, vice-president and general manager of Cisco’s wireless networking business unit, said IT policies need to be simple and easy for end-users to use.
Nasrin Rezai, senior director, global information security at Cisco, also said that businesses need to use some sort of analytics solution so they know what devices are being used in the network and by whom.
“It’s key to know what you have in your network because you can’t manage what you don’t know about,” Rezai said. “You need to analyze what’s coming into the network.”
For the channel, Cisco executives said it’s a partner’s role to act as the consultant to their end-user customer.
“Partners can help with security assessments and they can help scale education because a lot of IT policies are still unknown,” Hattar said. “Partners can also put in some best practices to help roll best practices out. Partners have a significant opportunity to engage, educate and advise companies on how to protect themselves as they become more global and distributed.”
As the workplace and the mobile device market continues to evolve, Cisco executives said that above all, IT policies and playbooks need to be amended to reflect those changes and more end-user awareness and education is needed regarding these policies and procedures.
Follow Maxine Cheung on Twitter: @MaxineCheungCDN.