November 26, 2014  
Home About Us Contact Us
 Read terms of use
Login Problems?
 on Becoming a Client

Help for Search
Subscribe to the Computer Economics Report. Free sample issue.
Research Sections
Major Studies
IT Management Advisories
Valuation Data
...and More
Register for free research notification
 
Insider Misuse of Computing Resources: Countering Unauthorized Downloading, File Sharing, Instant Messaging, and Other Risks of Employee Abuse
Insider Misuse of Computing Resources: Countering Unauthorized Downloading, File Sharing, Instant Messaging, and Other Insider Threats
Insider misuse of computing resources takes on a variety of forms. If left unchecked, can pose serious risks to information security. This special report Insider Misuse of Computing Resources provides a full breakdown of the different forms that employee misuse can take, what organizations are most worried about, and what counter-measures they are taking.

 

This report is based on our survey of IT security professionals and IT executives worldwide. It analyzes the threat misuse of computing resources by employees and other insiders--that is, any violation of an organization's policies regarding acceptable use. Examples include non-work-related Internet surfing, use and abuse of personal email or instant messaging, downloading of music or pirated software, or unauthorized copying of files to portable storage devices such as USB drives.

For each of 14 types of insider misuse, we present data concerning the perceived seriousness of the threat, typical organizational policies or lack thereof, frequency of violations against company policy, analysis of preventive and detective actions taken by organizations to deter employee abuse (such as employee monitoring and workplace surveillance), and typical levels of enforcement. 

Read the free executive summary of this report

Purchase the full report, Insider Misuse of Computing Resources, now.

 


 

Table of Contents

  • Executuve Summary
    • Understanding the Threat of Insider Misuse
    • Key Findings
       
  • The Overall Threat of Insider Misuse
    • Categories of Insider Misuse
    • How Serious is the Threat of Insider Misuse?
       
  • Analysis of Insider Misuse by Category
    • Unauthorized Copying of Files to Portable Storage Devices
    • Downloading of Unauthorized Software
    • Unauthorized Use of Peer-to-Peer File Sharing Programs
    • Unauthorized Setup of Remote Access Programs
    • Unauthorized Setup of Wireless Access Points
    • Unauthorized Setup of Modems
    • Downloading of Unauthorized Media Content
    • Use of Personal Computing Devices for Business Purposes
    • Unauthorized Authorship of Blogs
    • Instant Messaging Using Personal Accounts
    • Unauthorized Participation in Message Boards
    • Use of Personal Email/Webmail Accounts
    • Non-Work Related Web Browsing
    • Use of Business Email for Personal Correspondance
       
  • Enforcement of Policies Regarding Insider Misuse
    • Methods to Increase Awareness of Policies
    • Responsibility for Awareness of Policies
    • Monitoring of Insider Email
    • Monitoring of Insider Keystrokes
    • Examination of Insider Computer Files
    • Monitoring Insider Internet Traffic
    • Types of Websites Forbidden, Restricted, or Monitored
       
  • Demographics

 


 

List of Figures

  • Figure 1--Percentage of Organizations Viewing Type of Insider Misuse as Major Threat
  • Figure 2--Unauthorized Use of Portable Storage Devices: Threat Level
  • Figure 3--Policies Regarding Unauthorized Use of Portable Storage Devices
  • Figure 4--Violations of Policy Against Unauthorized Use of Portable Storage Devices
  • Figure 5--Methods for Deterring Unauthorized Use of Portable Storage Devices
  • Figure 6--Actions Taken Against Unauthorized Use of Portable Storage Devices
  • Figure 7--Downloading of Unauthorized Software: Threat Level
  • Figure 8--Policy Regarding Downloading of Unauthorized Software
  • Figure 9--Violations of Policy Against Dowloading of Unauthorized Software
  • Figure 10--Methods for Deterring Downloading of Unauthorized Software
  • Figure 11--Actions Taken Against Downloading of Unauthorized Software
  • Figure 12--Unauthorized P2P Programs: Threat Level
  • Figure 13--Policy Regarding Unauthorized P2P Programs
  • Figure 14--Violations of Policy Against Unauthorized P2P Programs
  • Figure 15--Methods for Deterring Unauthorized P2P Programs
  • Figure 16--Actions Taken Against Unauthorized P2P Programs
  • Figure 17--Unauthorized Setup of Remote Access Programs: Threat Level
  • Figure 18--Policy Regarding Unauthorized Setup of Remote Access Programs
  • Figure 19--Violations of Policy Against Unauthorized Setup of Remote Access Programs
  • Figure 20--Methods for Deterring Unauthorized Setup of Remote Access Programs
  • Figure 21--Actions Taken AGainst Unauthorized Setup of Remote Access Programs
  • Figure 22--Unauthorized Setup of Wireless Access Points: Threat Level
  • Figure 23--Policy Regarding Unauthorized Setup of Wireless Access Points
  • Figure 24--Violations of Policy Against Unauthorized Setup of Wireless Access Points
  • Figure 25--Methods for Deterring Unauthorized Setup of Wireless Access Points
  • Figure 26--Actions Taken Against Unauthorized Setup of Wireless Access Points
  • Figure 27--Unauthorized Setup of Modems: Threat Level
  • Figure 28--Policy Regarding Unauthorized Setup of Modems
  • Figure 29--Violations of Policy Against Unauthorized Setup of Modems
  • Figure 30--Methods for Deterring Unauthorized Setup of Modems
  • Figure 31--Actions Taken Against Unauthorized Setup of Modems
  • Figure 32--Downloading of Unauthorized Media Content: Threat Level
  • Figure 33--Policy Regarding Downloading of Unauthorized Media Content
  • Figure 34--Violations of Policy Regarding Downloading of Unauthorized Media Content
  • Figure 35--Methods for Deterring Downloading of Unauthorized Media Content
  • Figure 36--Actions Taken Against Downloading of Unauthorized Media Content
  • Figure 37--Unauthorized Use of Personal Computing Devices for Business: Threat Level
  • Figure 38--Policy Regarding Unauthorized Use of Personal Computing Devices for Business
  • Figure 39--Violations of Policy Against Unauthorized Use of Personal Devices for Business
  • Figure 40--Methods for Deterring Unauthorized Use of Personal Devices for Business
  • Figure 41--Actions Taken Against Unauthorized Use of Personal Computing Devices for Business
  • Figure 42--Unauthorized Authorship of Blogs: Threat Level
  • Figure 43--Policy Regarding Unauthorized Authorship of Blogs
  • Figure 44--Violations of Policy Against Unauthorized Authorship of Blogs
  • Figure 45--Methods for Deterring Unauthorized Authorship of Blogs
  • Figure 46--Actions Taken Against Unauthorized Authorship of Blogs
  • Figure 47--Instant Messaging Using Personal Accounts: Threat Level
  • Figure 48--Policy Regarding Instant Messaging Using Personal Accounts
  • Figure 49--Violations of Policy Against Instant Messaging Using Personal Accounts
  • Figure 50--Methods for Deterring Instant Messaging Using Personal Accounts
  • Figure 51--Actions Taken Against Instant Messaging Using Personal Accounts
  • Figure 52--Unauthorized Participation in Message Boards Related to Firm's Business: Threat Level
  • Figure 53--Policy Regarding Unauthorized Participation in Message Boards Related to Firm's Business
  • Figure 54--Violations of Policy Against Unauthorized Participation in Message Boards
  • Figure 55--Methods for Deterring Unauthorized Participation in Message Boards
  • Figure 56--Actions Taken Against Unauthorized Participation in Message Boards
  • Figure 57--Use of Personal Email Accounts: Threat Level
  • Figure 58--Policy Regarding Use of Personal Email Accounts
  • Figure 59--Violations of Policy Regarding Use of Personal Email Accounts
  • Figure 60--Methods for Deterring Use of Peronal Email Accounts
  • Figure 61--Actions Taken Against Use of Personal Email Accounts
  • Figure 62--Non-Work-Related Web Browsing: Threat Level
  • Figure 63--Policy Regarding Non-Work-Related Web Browsing
  • Figure 64--Violations of Policy Against Non-Work-Related Web Browsing
  • Figure 65--Methods for Deterring Non-Work-Related Web Browsing
  • Figure 66--Policy and Practice Regarding Monitoring of Employee Web Browsing
  • Figure 67--Actions Taken Against Non-Work-Related Web Browsing
  • Figure 68--Use of Business Email for Non-Work Purposes: Threat Level
  • Figure 69--Policy Regarding Use of Business Email for Non-Work-Related Purposes
  • Figure 70--Violations of Policy Against Use of Business Email for Non-Work Purposes
  • Figure 71--Methods for Deterring Use of Business Email for Non-Work Purposes
  • Figure 72--Actions Taken Against Use of Business Email for Non-Work Purposes
  • Figure 73--Methods to Increase Awareness of Policies Regarding Misuse
  • Figure 74--Who Has Primary Responsibility for Enforcing Policies Regarding Misuse?
  • Figure 75--Policy and Practice Regarding the Monitoring of Insider Email
  • Figure 76--Organizational Practice Regarding Monitoring of Insider Keystrokes
  • Figure 77--Organizational Practice Regarding Examination of Insider Computing Files
  • Figure 78--Organizational Practice Regarding Examination of Insider Internet Traffic
  • Figure 79--Types of Websites Forbidden, Restricted, or Monitored

Help Desk    Alliances     Privacy Policy  >

© 2014, Computer Economics, Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed without permission.
   Computer Economics • 2082 Business Center Dr. Ste 240, Irvine, CA 92612 • tel: (949) 831-8700