eEye Digital Security Technical Brief: Using Policy Enforcement to Enforce Security Standards

Date Added: Sep 2009
Format: PDF

In spite of advances made in the world of network security, a large percentage of security incidents are still being attributed to the "Internal threat" - end users, responsible for misconfiguring devices and programs, disclosing proprietary business information, or knowingly or unknowingly propagating malicious code. A recent study performed by CompTIA has shown human error is a leading cause - for nearly half of all incidents - of all security breaches, outnumbering browser-based attacks, remote access violations, or wireless security. Compounding these statistics even further is that only half of the organizations surveyed have a written IT security policy in place.