SMEs continue to ignore warnings about IT security and are leaving themselves wide open to attack, according to the results of a new survey conducted by managed security company, Network Box.
Despite evidence showing that phishing attacks are increasing in frequency and sophistication, the poll revealed that nearly two-thirds (62 per cent) of SMEs have no system in place to protect against such attacks. Thirty-eight per cent have no protection against spyware. When it comes to anti-virus updates, the results do not get any better: 99 per cent of respondents have no idea how often their anti-virus protection is updated; while 99 per cent do not have any way of being alerted if the update system fails.
The survey also revealed that employees of SMEs are likely to be blighted by junk emails – nearly one-third (30 per cent) of SMEs do not have an anti-spam solution in place. However, workers will be able to get their own back on their bosses – nearly half (48 per cent) of SMEs do not use a web filtering system, meaning employees can access any website, at any time of the day, reducing productivity and company liability.
Comments Simon Heron, Managing Director, Network Box: “Worryingly, the message about the need for IT security does not appear to be reaching SMEs – this year’s findings make no better reading than last year’s.
“We do appreciate that SMEs have far fewer resources and expertise than large enterprises, which are far better equipped to deal with IT security. However, finding resources is a question of priorities. For any business – large or small – that operates in the online world, effective IT security has to be a priority.
“The results show that many SMEs are wide open to attack on many fronts, and it’s up to the industry to continue pushing the security message to SMEs. If they understood what the repercussions of an attack would be, they’d be far more concerned about protecting themselves.”
According to the research, on average, a business with 250 networked PCs could save more than £14,000 on the cost of multiple licenses, hardware, internal resources and external contractors by outsourcing their network security systems*. “Unfortunately, we suspect that some SMEs are living in a time warp and pretending that either these threats do not exist, or that they will not become a victim. What many SMEs don’t realise is they don’t need to be experts and that IT security is not prohibitively expensive – there are many all-in-one security devices available, or they could outsource IT security to a specialist company,” says Heron.
Network Box surveyed 250 SMEs (1-500 employees) between May 2006 and April 2007.