Corporates in Europe may have their technology strategies in place, but they are slow to introduce effective security policies.
That was the general consensus amongst companies attending this year's Microsoft Tech.Ed conference, taking place this week in Amsterdam.
"Security policies have to be made at exec level, and they are extremely slow which leaves many networks in a very vulnerable position," commented Olivier Thierry, vice president of marketing for Mission Critical Software.
Consultancy firm Cap Gemini said that increasingly corporates are starting to address security issues within their organisations, but many do not know where to start.
"It is a case of taking a balance," said John Carr, principal consultant with Cap Gemini. "The Internet and email are rich tools, so it makes little sense to go in with a draconian approach."
Cap Gemini's own security policy covers sexual discrimination, racism or pornography within its organisation. This includes searches on the Internet and swapping emails.
Paul Martiz, vice president of Microsoft's development group, told VNU Newswire it is an area that Microsoft is becoming increasingly active in.
"It is becoming a major issue," he said, with no hint of irony.
Microsoft is providing security education for its clients and has a number of white papers on the subject. Recently Rolls Royce sacked five people for using its corporate network for sending "grossly offensive" hardcore porn. All five failed to have their dismissals overturned at separate tribunals.
Corporates, however, may have to rewrite existing security policies. The data protection registrar has confirmed that there will be privacy legislation in the new Data Protection Act that is due to be written into the statute books later this year.
Although it is still a blueprint, it is likely to insist that employers tell employees if they are going to intercept emails, control Internet access or monitor them with CCTV cameras.
Dr Kuan Hon criticises GDPR consent emails that will only eviscerate marketing databases and 'media misinformation'
Apple squashes Steam Link app on 'business conflicts' grounds
Philip Hammond wants to forget rules that the UK agreed with the EU to ban non-European companies from the satellites
Instapaper to 'go dark' in Europe until it can work out GDPR compliance