[News] CISOs Say End Users are Frustrated that Security Disrupts Productivity

Help desks spend days dealing with user access complaints, while legitimate work gets blocked by over-zealous security tools

Bromium Inc., the pioneer and leader in virtualization-based enterprise security, has today announced the findings of an independent survey showing IT security is hindering productivity and innovation across enterprises. The research revealed most security teams utilize a ‘prohibition approach’ – i.e. restricting user access to websites and applications – a tactic which is hampering productivity and innovation while creating major frustration for users.

At a time when competition is fierce, the risk of falling behind and being less productive is as big a risk to an enterprise as cyberattacks. Security has to enable innovation by design, not act as a barrier to progress. Sadly, traditional approaches to security are leading to frustrated users, unhappy CISOs and strained relationships between workers and IT departments – all of which stifles business development, innovation and growth

The research, based on a survey of 500 CISOs from large enterprises in the US (200), UK (200) and Germany (100), is part of a wider report on the role of the end user in cybersecurity. Key findings include:

  • 88% of enterprises prohibit users from using websites and applications due to security concerns; with 94% investing in web proxy services to restrict what users can and can’t access
  • Unsurprisingly, these restrictions negatively impacts user experience: 74% of CISOs said users have expressed frustration that security is preventing them from doing their job and 81% said that users see security as a hurdle to innovation
  • Worryingly, security could also be impacting customer’s relationships and deals, as CISOs report that they get complaints at least twice a week that work has been held up by over-zealous security tools
  • As a result, IT help desks are spending an average of 572 hours a year responding to user requests and complaints regarding access to websites

All this frustration is creating an uneasy relationship between IT, security and the user. 77% of CISOs said they feel stuck in a Catch-22; caught between letting people work freely and keeping the enterprise safe. A further 71% said that they are being made to feel like the bad guys, because they have to say ‘no’ to users requesting access to restricted content.

A new approach to security that brings all sides together

These figures suggest enterprises need a new approach to security.  With revenue, reputations and share price on the line, those who look to new approaches to security will not only protect the business, but have the competitive advantage.

Application isolation puts the activities most often targeted by cybercriminals – downloading files, using applications, browsing the internet – into micro virtual machines. When these activities are initiated, the network is protected because malware is trapped inside the container. Restrictions on users can be lifted and employees can get back to work.

For more information about Bromium and to view the infographic and report, please click here.

The research was conducted by researchers at Vanson Bourne. The sample of 500 was made of 175 enterprises with between 1,000 and 3,000 employees, 175 with 3,000 to 5,000 employees, and 150 with more than 5,000 employees.

About Bromium, Inc.

Bromium protects your brand, data and people using virtualization-based security. We convert an enterprise’s largest liability – endpoints and servers -into its best defense. By combining our patented hardware-enforced containerization to deliver application isolation and control, with a distributed Sensor Network to protect across all major threat vectors and attack types, we stop malware in its tracks. Unlike traditional security technologies, Bromium automatically isolates threats and adapts to new attacks using behavioral analysis and instantly shares threat intelligence to eliminate the impact of malware. Bromium offers defense-grade security and counts a rapidly growing set of Fortune 500 companies and government agencies as customers.

Visit Bromium: https://www.bromium.com
Read the Bromium blog: http://blogs.bromium.com/
Follow Bromium on Twitter: https://twitter.com/bromium
Follow Bromium on LinkedIn: https://www.linkedin.com/company/bromium