Temp Workers a Potential Security Risk, Says Survey
According to the results of a survey undertaken by the security company Websense, temporary staff are potentially jeopardising the information security of the businesses they are working for.
The survey - which gathered the opinions of over 100 temporary workers - discovered that 87 per cent could gain access to documents saved on the firm's network drive. Furthermore, 80 per cent were able to surf the internet from their allocated workstation, while 52 per cent had used an e-mail account belonging to a full-time worker there.
Consequently, said Websense, the potential is there for significant loss of data where firms are failing to implement procedures through which temporary staff are prevented from breaching corporate security.
97% of Temps Assessed Unaware of/ Unsure on Computer Misuse Act
The survey also found that proper briefings were not being provided to temporary staff. 97 per cent of the assessed confessed that they were either unaware of the Computer Misuse Act, or had little understanding of it. 79 per cent, meanwhile, described how they had not been required to sign a policy on computer/ internet protocol before beginning a new assignment.
According to Comsec Consulting's Emma Leith, the findings did not come as a surprise. "A lot of companies tend to have procedures and policies that are not really accessible because people don't know they exist", she said, adding: "This applies more so to temporary workers.
"The first thing they should be given is information on the firm's procedures and policies on the Data Protection Act and on email misuse."
Ms Leith, who works as an Information Security Consultant, added that the greater number of security infringements emanate from within companies, stressing the need therefore for the same measures to be provided to permanent members of staff. "Even at the database level, I often see permissions not adhered to; there are certain sensitive files that everyone has access to when they should only be available for specific roles", she stressed.
More and more, said Ms Leith, technology could be used to maintain security - employing solutions such as encrypted emails.
Source - Security International's Internet Reporter
