The IT industry must take measures to make security easier and faster for employees who are not computer savvy says Novartis Australia chief information officer, Ruth Marshall. Speaking at the Australian Information Security Conference (AISA) 2011, she said the pharmaceutical company employed a mobile workforce who were struggling to remember multiple passwords and were being slowed down by security updates which could take 15 minutes to load when they logged in to the company’s virtual private network (VPN). In-depth: Information security 2011 Research Report. “Sixty per cent of my 1000-strong workforce is out in the field and they only come to the office twice a year for meetings so the VPN is essential for them,” Marshall said. Many staff members, who are not “computer people”, neglected to click the send secure button on emails and forgot multiple passwords. “Even if they did use the send secure email function, someone can just forward the email once they have received it and then it could go anywhere,” she said. Another problem faced by Novartis was that staff chose not to use the company’s corporate encrypted e-meeting tools as, according to staff feedback, Skype was “way cooler”. The same applied to an internal social networking platform developed by the company called Yammer with staff choosing to use public social networking sites Facebook and Twitter instead. “No matter how many times we tell staff that we’re not monitoring their conversations, they are never going to be as free with their opinions on the internal Yammer tool as they would be with Facebook,” she said. “The more our community gets distributed and their data gets put into the Cloud, the harder it is for us to be sure that we are managing security, traceability and controls.” While Marshall has reminded staff to be more disciplined and to not do security updates while trying to load reports, she conceded that many were not disciplined when it came to security. “People are not going to change their behaviour in order to make the company more secure so we need to look at security environments,” she said. To overcome these problems, Marshall issued a challenge to conference delegates to make security more efficient and usable for people. “Useability is the biggest challenge we face because we can’t turn the clock back to stop Cloud computing or bring-your-own-devices [BYOD]. We need to stop security being a barrier for people who are trying to do their jobs; we need it to be transparent and useable.” According to Marshall, email encryption should become a default rather than a opt in option while virus scans needed to be easier and quicker. “People cannot be slowed down anymore by a 15-minute wait while their machine is being crunched through,” she said. Follow Hamish Barwick on Twitter: @HamishBarwick Follow CIO Australia on Twitter: @CIO_Australia Related content brandpost Sponsored by FPT Software Time for New Partnership Paradigms to Be Future-fit By Veronica Lew Dec 06, 2023 5 mins Vendors and Providers brandpost Sponsored by BMC Why CIOs should prioritize AIOps in 2024 AIOps empowers IT to manage services by incorporating AI/ML into operations. By Jeff Miller Dec 06, 2023 3 mins IT Leadership opinion Generative AI in enterprises: LLM orchestration holds the key to success In the dynamic landscape of AI, LLMs represent a pivotal breakthrough. Unlike traditional AI, which demands frequent data updates, LLMs possess the ability to learn and adapt in real-time. This mirrors human learning and positions LLMs as essential f By Shail Khiyara Dec 06, 2023 10 mins Generative AI Artificial Intelligence brandpost Sponsored by Freshworks How gen AI is joining the holiday shopping season One year after the launch of ChatGPT, the retail industry is embracing generative AI to deliver a variety of benefits By Elliot Markowitz Dec 06, 2023 4 mins Generative AI Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe