Got Malware? Check Your Employees’ Browsing Habits!
Wit
h such a widespread increase in malicious, fraudulent, phishing and scamming sites appearing daily, what guarantees does the IT administrator have that one of the employees will not visit a website that has been compromised and infected by malware?
Very few! And those guarantees disappear if the organization does not have adequate security solutions in place. We’re not talking just email security here but web security as well.
A recent survey commissioned by GFI Software among small and medium businesses in the US found that 40% know with certainty that they suffered some sort of security breach as a result of employees navigating to websites that host malware, infected downloads or have been corrupted by malicious code.
The Internet is a hornets’ nest of malware and other nasties and the bad guys are primed to pounce on suspecting users. What is worrying is that despite the high risk of infection, there are still organizations that are not paying attention to the problem or they are doing so for a good but not necessarily the most important reason.
The results show that even in the face of such infections, a majority of web monitoring software users do not cite defense of their network as the main driver for deploying such a solution. 55% of SMBs indicate that defense against infected websites is not their main priority.
A total of 24% of all respondents use it mainly to ensure employee productivity; 13.5% to conserve network bandwidth and speed; and 11.5% to prevent employees from visiting inappropriate sites.
These are all valid reasons to use web monitoring software but what about security?
These results indicate a lack of awareness about the full capabilities of web monitoring software and how these solutions are evolving into critical components of effective SMB network security practices. Protecting the network from malicious websites and downloads should be a top priority for IT managers in addition to concerns over employee productivity and bandwidth management.
The survey found that 70% of those not using web monitoring or filtering software claim that web use is not a problem in their organization. With all the threats that are reported in the media on daily basis, these organizations are really taking a big risk.
Web monitoring solutions that equip IT administrators with an additional layer of network defense against online threats and provide employees with the tools they need to make better, safer decisions while online go a long way in helping SMBs balance the benefits of Internet access with the risks it creates.
The survey of 200 U.S.-based IT decision makers at organizations with between five and 249 employees was fielded by noted polling expert Opinion Matters, between Sept. 29 and Oct. 4, 2011.
The good news is that they are at least using web monitoring and filtering software because many others don’t. Of course, it is not admirable that IT admins are unaware of the full potential of software they already have and don’t use it to stop malware but still this is a move ahead.
Employees’ browsing habits differ from one another. CEOs, executive officers, managers, HRs, and other top-level workers have different browsing behavior as compared to the other staff. My point is, you can’t generalize all your employees when it comes to using the World Wide Web.
Aside from browsing habits, they also don’t visit the same websites. For instance, executives mainly surf business and finance-related sites. They also read several news articles.
Most new employees, especially the interns, have a higher tendency to browse websites that host types of malwares. This should be acted upon first.
55% of SMBs indicate that defense against infected websites is not their main priority. – this just proves that SMBs still has something to learn about online security. As more and more malwares are getting stronger and malicious than ever, small and medium enterprises should have something in place just in case the worse gets worst.
Monitoring the employees’ browsing habits is one thing, security software is another. The two should go hand in hand.
True to its name “web monitoring software” should be used as what its name suggest – for productivity and not for online security. I agree with the 24 percent surveyed. If you want to be completely secured while using the World Wide Web, install a dedicated online security program or platform.
Also, time will tell to those 70% respondents. They’re not only at risk, they’re also suggesting to their clients that their organization’s web security is not well-protected. And these days, customers are very wary to companies with unstable Internet security.
@ PerryB. Web monitoring is but one facet of a complete online security strategy. Web monitoring, as you rightly state, helps to maintain productivity levels and cut down on abusive use of internet access during office hours. Then you have web filtering software which is key for online security – preventing threats though web browsing/downloading from entering the network. Most solutions on the market offer them as a package because both are needed for an effective and comprehensive control of internet access in an organization. That said, every business should have additional measures in place to boost security. A patch management solution is another important addition to a security administrators arsenal… shoring up holes in a network and identifying vulnerabilities is also a must.