Careers & People
5/24/2017
03:00 PM
50%
50%

Unsanctioned Computer Support Costs Companies $88K per Year

A new survey of security professionals says that 83% of respondents help colleagues in other departments fix their privately-owned computers on company time.

Security professionals are devoting more than one hour during the work week to assist co-workers who are asking for help in fixing their employee-owned personal computers, according to a survey released Wednesday by FireMon.

The survey of more than 350 IT security pros found 83% help fellow employees in other departments fix their personally owned computers. And of this group, 80% spent an hour or more per week doing this.

This translates into assistance that is costing employers roughly 52 hours a year or more – slightly more than a week's worth of vacation. It also comes at a time when companies are scrambling to fill a shortage of IT security workers.

According to the study, the average salary for an IT security professional is $55 an hour. So when you multiply that with the 52 hours that an IT security worker spends helping co-workers fix their personal laptops and computers, it comes out to roughly $3,000 a year in lost security work, according to the survey. And when you consider the average IT security staff is roughly 31 workers, then that collective figure jumps to a loss of $88,660.

Read more about the study here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
5/30/2017 | 9:24:27 AM
Interesting Stats
This is a good mechanism for comparing work productivity, or lack of, for an overall group of employees.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
5/30/2017 | 9:18:59 AM
Re: This will only get worse because...
I'm not so convinced that working remotely would increase this cost. The article states that these services are being provided to other departments. I think that working remotely would further segment departments from a social aspect, thus having an employee from a different department less likely request this type of help. Just my opinion.
LindsayCybSafe
0%
100%
LindsayCybSafe,
User Rank: Strategist
5/25/2017 | 6:17:28 AM
This will only get worse because...
Remote working is on the up, as people are using private devices more often and unsecured wifi networks to do work related activites, including uploading sensitive docs to cloud storage. Cybsafe is best to use to educate your workforce and update them with real time threat intelligence.
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
Surviving the IT Security Skills Shortage
Surviving the IT Security Skills Shortage
Cybersecurity professionals are in high demand -- and short supply. Find out what Dark Reading discovered during their 2017 Security Staffing Survey and get some strategies for getting through the drought. Download the report today!
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.