Study claims complete data security is impossible
Leeds (UK) – Even what we perceive to be foolproof IT systems will never be able to safeguard sensitive information, according to researchers from the University of Leeds. The “human autopilot” gets the blame.
The results of this study surely won’t make you feel more comfortable about all your personal data that is stored in countless data centers around the world. According to the results of study conducted by the University of Leeds, you have to worry about corporations and organizations keeping your social security number, credit card numbers, addresses, credit scores and other sensitive data safe. A 100% safeguard for this information is not possible, the researchers claim.
“No matter what steps an organization takes, they will always run the risk of being compromised by human psychology and the way we perceive risk on a day-to-day basis,” said Gerard Hodgkinson, director of the Centre for Organisational Strategy, Learning and Change (COSLAC). “Our research shows that organizations will never be able to remove all latent risks in the protection and security of data held on IT systems, because our brains are wired to work on automatic pilot in everyday life,” he said.
That “autopilot” refers to our tendency to simplify the characteristics of our environment, Hodgkinson said. “If we considered and analyzed the risks involved in every permutation of every situation, we’d never get anything done ! If I make a cup of tea, I don’t stop to weigh up the probability of spilling boiling water on myself or choking on the drink.”
These conclusions came after Hodgkinson’s group had surveyed 112 people who “regularly used IT systems in the course of their work” about their opinions on possible data security risks and the probability, underlying causes and likely consequences of the most commonly described scenarios.
Robert Coles, one of the authors of the report, said that “the results showed that when asked to focus on potential problems, employees seemingly exhibit a highly sophisticated perception and categorization of risk, and insight as to the consequences of risky scenarios. However, this perception isn’t always translated into practice and elementary errors are still happening - and will continue to happen.”
However, the researchers believe that their findings can help companies to find “blind spots” in what workers perceive as risk and probability, which ultimately could improve data security. Also, Coles noted that security processes need to be revised in general : “Perhaps organizations should consider involving the potential users when developing crucial business processes.”
“A well-designed system should not allow these mistakes to be made. We need more triggers and mechanisms in the workplace that make us stop and think before we act,” he said. But even then, a 100% safeguard guarantee will not be possible.
The complete findings of teh report are published in the February issue of the journal Risk Analysis.
- Business,
- Networking,
- Data ,
- loss ,
- security
- Mozilla unveils Firefox v.2.0.0.12
- Windows Vista SP1 RTM available via MLVS
- Nokia tracks traffic info with mass GPS feeds
- Flow to make PSP debut via digital download
- Recently discovered patent hints at slider design for Blackberry
- Nvidia releases specs of GeForce 9M series, kind of
- It's full Steam ahead for Valve's PC game download service
- Facebook is translated into Spanish
- Codemasters to honour descendents of Mario Contasino....Once they they find them
- Report claims Yahoo will rejct Microsoft's offer
- T-Ray may be able to uncover hidden masterpieces
- Writers' Guild to vote on contract that could end strike
- Mobile operators join forces to prevent child abuse
- Wii being used in physcial therapy in the U.S.
- Yahoo! rejects Microsoft's $44.6bn offer
- Netflix goes exclusively Blu-ray
- Google's Android makes debut at Mobile World Congress
- Nvidia unveils first CPU
