We don't need no education

The Swiss Institute of Technology, Google and IBM have conducted a study and found 600 million users have not updated their browsers leaving them vulnerable to risk as they haven't got the most up to date security patches. Once again the Beeb has the whole story. Personally, I'm not surprised and I doubt it was a big shock to many others. More often than not when I do get an automated update alert its when I'm in the middle of something and I ignore it. Now, being a bit of a geek (but don't tell anyone), I do know the importance of doing these updates and they do get done. But if an average PC user isn't au fait with why they are getting these alerts then why should they do it?

Most larger organisations do centralise their IT and therefore get security and patches rolled out on a regular basis. However, that is still leaving a vast number of companies - as well as staff who use home PC's for work purposes - vulnerable. It is vital that companies really get up to speed on educating their staff on IT security and ensuring it is followed, otherwise they continue to put themselves at risk. It is unfair to put the onus on staff to ensure data protection if you won't invest time showing them how to do it. At Lighthouse we are often talking to clients about the breaking stories around data loss and vulnerability, and as a tech PR agency we are more aware of security best practices. However, you can't expect the employees of a talent recruitment company, for example, to have a full understanding of IT when it is nothing to do with their working skill set.

Some days it feels like we can't do anything with a computer without it causing some kind of security risk, but ensuring staff have a full understanding of IT goes a long way to making sure that risk is minimised.