Bank Systems & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


10:25 AM
Connect Directly

CIOs Say Employees Complain About IT Security Policies

40% say it's very or somewhat common for employees to complain about restrictive policies.

Workers denied access to certain websites at work are not afraid to voice their frustrations, a new survey shows. Four in 10 chief information officers interviewed recently said that it's at least somewhat common for employees to complain about security measures that limit which websites or networks they can visit at the office.

The survey was developed by Robert Half Technology, a provider of information technology professionals on a project and full-time basis. It was conducted by an independent research firm and is based on telephone interviews with more than 1,400 CIOs from companies across the U.S. with 100 or more employees.

CIOs were asked, "How common, or uncommon, is it for employees at your company to complain about IT security measures that limit their access to certain websites or networks?" Their responses: 12% said "very common," 29% said "somewhat common," 29% said "somewhat uncommon," and 29% said "very uncommon."

"There will always be employees who feel IT security policies are too restrictive," said John Reed, executive director of Robert Half Technology. "But in most situations, robust information security measures are necessary to protect sensitive data and an organization's network integrity from increasingly sophisticated threats."

Reed noted, however, that companies with a high volume of complaints from employees about web or network access may need to reach a compromise, particularly if overly restrictive policies are standing in the way of productivity.

Robert Half Technology offers the following tips for workers to improve their understanding of IT policies around network security and web access:

* Don't be afraid to ask. Some policies may simply be outdated and no longer make sense. Asking someone in your organization's IT department why access is restricted is often one of the quickest ways to resolve an issue.

* Make a business case. If employees can't access a client's website or a professional networking site that can generate business, it will probably be an easy case to make. However, if the case isn't that straightforward, be prepared to discuss how access to a site or network will help the business grow and why it's necessary.

* Listen. Even seemingly simple requests for access may be denied, but for good reason. It's critical that workers understand IT security professionals are concerned with security across an organization. Allowing access to certain websites, even if justified from a business perspective, could be too risky enterprise-wide.

* Compromise when necessary. If you have a strong business case to relax a particular IT restriction, but your IT security team thinks the risk is still too great, be ready to ask if there is a suitable compromise. They might offer another solution, such as setting up a computer with Internet access, but not connected to the company's network.

Comment  | 
Print  | 
More Insights
Register for Bank Systems & Technology Newsletters
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.