Report highlights failings in SMB’s IT security
Link: Report highlights failings in SMB’s IT security
Filed under: Security News, Internet News, Business News
According to new research commissioned by Websense Inc, employees of small and medium sized businesses (SMB’s) regularly visit high-risk sites in work time, but IT Managers are failing to implement adequate IT security measures.
The research, which was carried out by Dynamic Markets, surveyed 750 IT managers and employees in SMBs across five European countries.
The ‘SMB State of Security Survey’ found that a quarter of IT managers within SMB’s felt that employees were ultimately responsible for IT security breaches.
According to the research, European employees spend just under two hours a day on the Internet and admit that they spend about 30 minutes of this time browsing non work-related sites.
However IT Managers believe that employees spend around 4 hours a week using the Internet for personal reasons.
A third of the employees surveyed said that they could not live without being able to visit sites with a high-security risk, such as free software download sites.
Despite the obvious security issues that this behaviour presents, only 47% of the IT Managers surveyed used Web filtering software on their company’s IT system.
A quarter of the SMB’s surveyed had Internet use policies in place but did not ask employees to sign them, while a further 16% did not have a usage policy at all, preferring to put their trust in employees.
While employee behaviour was found to be the main factor that caused problems with maintaining IT security, IT Managers also cited ‘IT security not being high enough up the corporate agenda’ and ‘budget constraints’ as factors that made security implementation difficult.
The survey also found that employees tend to assume that their work computer is protected against Internet security threats. Only 31% of employees who used their personal credit card at work, checked that their PC was protected against identity theft before carrying out a transaction.
Websense advises all SMB’s to make IT security a business-critical issue and to implement automated Internet use policies.