Intrusion prevention 'is key'
McAfee and IoD urge SMEs to set up proper security management policies
Security vendor McAfee has joined forces with the Institute of Directors (IoD) to educate SMEs on the need to switch from anti-virus to intrusion-prevention technology.
Research released by the two organisations, which questioned 1,240 SMEs in the UK, revealed that 57 per cent have suffered damage as a result of a virus, with half attributing this to misuse of technology by employees.
Viruses are still the biggest threat according to 75 per cent of respondents. Data theft and hacking also were identified as risks.
"So far this year we have seen more attacks [on networks] in the first half of 2004 than in the whole of 2003," said Sal Viveros, SMB director at McAfee.
"The human factor is the main reason for the security breaches. Firms don't have a strong enough security policy to prevent staff from opening attachments, using peer-to-peer networks or downloading applications from the web.
"We have teamed up with the IoD to educate firms about the need to have an effective security policy and to manage it properly. Education is key."
Viveros added that this gives the channel a good revenue opportunity. "Many resellers selling anti-virus products should now be encouraging firms to take up intrusion prevention and to have a proper security management strategy in place," he said.
Jim Norton, senior policy adviser on e-business at the IoD, said: "Security is a major issue for UK businesses, and it is important for IT security strategies to address and evaluate the issues relating to employees' use of systems and proactive management of the company's technology.
"Working with staff on effective policy implementation and management, coupled with proactive intrusion prevention, is increasingly important."