Unnecessarily strict IT security policies could be counter-productive, firms have been warned.

A study by IT Governance found that 68 per cent of employees have had to bypass their firm's IT security measures in order to do their jobs.

Alan Calder, spokesperson for the firm, explained that while IT security is vital for a firm, if it is not done properly the results can be disastrous.

He said: "By imposing ill-considered procedures, many organisations leave people little option but to break the rules if they are to do their jobs

"This not only leaves businesses vulnerable to data breaches and fines, but also does lasting damage to the way employees regard info security."

The report also found that although 86 per cent of firms have polices and procedures in place to protect sensitive data, only 56 per cent make a concerted effort to identify and report information loss.

A recent report by PricewaterhouseCoopers suggested that firms should focus on improving the behaviour of their staff to help increase IT security levels.

According to a recent survey by Connect, the two biggest IT headaches for businesses were 'everyday hassles with IT' (37 per cent) and 'security concerns' (32 per cent) In a recent survey of SMEs for Connect, the two most important benefits of outsourcing were 'guaranteed response times' and 'allowing in-house IT staff to concentrate on more strategic issues'