Small and medium sized businesses (SMBs) around Europe are failing to protect themselves against today’s emerging security threats, claims IT security firm Websense.
A survey highlighted the increasing use of potentially unsafe Web sites and applications by employees, coupled with a dangerous lack of understanding regarding the security threats these sites pose. Yet, both IT managers and employees believed their jobs would be at risk for infecting the company with malicious code (45pc and 83pc, respectively). Moreover, the research also exposed a worrying discrepancy between IT managers’ perception of the protection they have in place and their real state of security.
The study of 750 IT managers and general employees in SMBs in five European countries, found that 98pc of IT managers believed their technology and processes were adequate, with over half (53pc) believing their company to be very well protected against security threats and a quarter feeling 100pc protected.
Yet when questioned further, it emerged that the vast majority of SMBs failed to defend themselves against security holes by blocking peer-to-peer, filtering Internet use, and blocking attachments to instant messages. Of the list of nine potential security risks, not a single company protected against all of the threats – with 15% believing firewall and antivirus solutions were sufficient protection for their business.
Findings:
EQUAL PROTECTION: 71pc of SMB IT managers felt that they should have the same level of Internet security as a large organisation.
JOBS ON THE LINE: While 76pc of employees surveyed believed that they could be sacked for leaking sensitive company information, 45pc admit engaging in activity that could put their company’s data at risk.
BLIND CONFIDENCE AMONGST EMPLOYEES: 66pc of users were confident that their IT department was protecting them from all Internet security threats.
RISKY SURFING: A quarter of employees surveyed said they could not live without peer-to-peer file sharing during their work day. 17pc admit to using free software download sites at work.
LACK OF SECURITY: SMBs in Europe are not fully protected from Internet security threats.
Among the findings:
– Only 6% block USB devices and iPods
– Only 22% block peer-to-peer applications
– Only 30% block instant message attachments
– Only 31% block phishing sites
PAPER POLICIES – 84pc of SMBs in Europe have Internet usage policies but only 25pc ensure that employees sign them. Only 47pc automate their policies by using Web filtering software.
What they say
"Smaller IT budgets and fewer technical staff has left many SMBs with gaping holes in their Internet security systems. Many of these organisations are failing to control the use of applications such as peer-to-peer or block access to malicious Web sites such as phishing sites, both vehicles of data theft,’ said Mark Murtagh, Websense. "Internet threats are just as real for SMBs as they are for large enterprises. While most SMB’s now possess a basic level of protection against these risks, the vast majority fail to defend themselves from the complete spectrum of threats and – as a consequence, are putting their company, its employees and its data at risk."
