IT managers pass the security buck

European SMEs blame employees for security breaches

Written by Ian Williams

vnunet.com, 24 Aug 2007

A quarter of IT managers at small and medium sized enterprises (SMEs) throughout Europe believe that employees are ultimately responsible for IT security breaches, according to new research.

The SMB State of Security report from security firm Websense surveyed 750 IT managers and employees at companies with 100-250 employees in the UK, Germany, France, Italy and The Netherlands.

Although employees acknowledge that they spend an average of two and a half hours a week surfing the web for pleasure, just under half of the IT managers surveyed use web filtering software to protect against web-based threats.

Twenty-three per cent of SMEs have internet usage policies in place, although they do not require an employee to officially sign the policy.

A further 16 per cent admitted to having no usage policy at all, saying that trust in their employees was sufficient to prevent abuse.

Yet nearly a third of IT managers rated 'employee behaviour' as the leading cause of job frustration when it comes to implementing and maintaining IT security.

'IT security not being high enough up the corporate agenda' was the second highest at 27 per cent, and 'budget constraints' came in third at 21 per cent.

A few respondents believe that SMEs should have less protection in place than large organisations because they are exposed to lower levels of risk and do not have the budget.

But the vast majority (71 per cent) felt that all companies should have equal levels of protection irrespective of their size.

"We urge all SMEs to make IT security a business-critical issue," said Mark Murtagh, technical director at Websense.

"Leaving their employees to make security decisions based on what they feel is right is not only putting company confidential data at risk, but adding a strain to the IT department.

"Internet usage policies need to be automated to ensure that hidden dangers are found and protected against."

The research also revealed that the majority of SME employees are placing a false sense of security in their IT department, as two-thirds trust their company to protect them from internet-based security threats.

Only 31 per cent of employees who have used a personal credit card at work have questioned the IT department about whether their PC is protected against identity theft.

See also:

reader comments

related articles

Security experts brace for September spam deluge

Back to school time perfect opportunity for hackers 22 Aug 2007

 

Mobile workers still clueless about security

IT department's problem, say end users 22 Aug 2007

Unencrypted networks threaten data security

Open data traffic offering easy access to hackers 21 Aug 2007

UK business not meeting data protection deadlines

Board only paying lip service to IT staff 09 Aug 2007

Half of companies block Facebook

Research reveals mixed reaction to social networking sites in the workplace 22 Aug 2007

IT managers not blocking music download sites

Even though they view them as a potential threat 08 Nov 2007

IT security budgets on the rise

Remote workers still creating headaches 12 Mar 2008

Security

SME workers pose top security risk

Small firms without the luxury of a dedicated IT department most at risk 03 Jun 2008

latest news

Small businesses feeling the pinch

FSB calls for interest rate cut as market downturn gets a grip on SMEs 07 Oct 2008

SAP shares plunge after sales warning

Software vendor sees share price nose-dive 16 per cent after admitting sudden drop in sales 07 Oct 2008

Barlow leaves Computacenter

Former Equanet chief said to be looking for next channel opportunity after parting company with corporate reseller 06 Oct 2008

More news

poll

To trade or not to trade?

To trade or not to trade?

Is the rise in card-not-present fraud discouraging you from trading online?

Previous poll results

Vendor Q&A Session: Rick Wallis, NEC Computers

Vendor Q&A Session: Rick Wallis, NEC Computers

During this Q&A session Rick Wallis, UK Sales Director at NEC Computers, talks about the firm’s reasons for committing to a 100 per cent channel strategy

In The Studio with CRN: Dave Poskett, HP

CRN TV catches up with Dave Poskett, director of Solutions Partner Organisation for the UK & Ireland at HP

More CRN TV

events

Channel Awards logo

CRN Channel Awards 2008

The Channel Awards recognise excellence and exceptional performance from businesses and individuals in the UK technology channel

More Events

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Advertisement

White papers

Search white papers

Top categories

Primary Navigation