IT Departments Are A Security Risk

stlhawkeye writes "An article at Information Week asks the question - is your IT department a security risk? The thesis of the article is that rank-and-file employees will tend to engage in dangerous/insecure/irresponsible computing and internet behavior if they know that there's an IT department to clean up the mess. 'That confidence,' says the article,'leads workers to do risky, even stupid, things at work, such as opening questionable e-mail messages or clicking on unknown Web site links.' Employee education and training doesn't help, either: '[S]ome workers slough off responsibility for even knowing about threats. Workers in larger companies don't worry about being educated. Big company employees just don't see security as their responsibility.'"